An ACT Government-funded statutory authority has been hit by a potential cyber attack that could have exposed extremely vulnerable clients’ data.
It follows a string of high-profile cyber attacks on major companies like Optus and Medibank in recent weeks.
Legal Aid ACT says the “cyber incident” took place yesterday (3 November) and it is still working through whether any of its clients’ personal information has been accessed.
The body provides free legal services and advice to anyone with a focus on those who are disadvantaged or struggle to access legal help. This includes victims of sexual assault, and domestic and family violence.
Clients will be contacted directly by a Legal Aid ACT staff member if it is determined their information has been accessed, a spokesperson confirmed in a statement.
Legal Aid ACT has warned some of its other systems and services may be affected as an investigation commences.
They have appointed a specialist cyber security firm to look into the breach.
CEO John Boersig said his immediate concern is for Legal Aid’s clients and other parties linked to its services.
“Once we ascertain the extent of the breach, we will make risk assessments based on specialist advice and contact affected individuals as required,” he said.
[We are] committed to transparency about what we know and how that could impact our customers, our people, and the broader community.”
The ACT Government is aware of the incident and has confirmed none of its IT systems have been impacted.
In a statement, a spokesperson said they are providing every support possible to Legal Aid and working closely with them.
Anyone concerned about their immediate safety is asked to call the police on 000 or, if a safety plan around the incident is required, they are asked to call Domestic Violence Crisis Service on 02 62 800 900.
Legal Aid ACT will continue to update its website with more information as it becomes available.
More to come.