CMM Quay was recently the subject of a cyber ransomware attack. Therefore electronically stored information on the CMM Quay database may have been accessed by an unauthorised party.
We set out below details of the cyber-attack, what we have done and what we are doing to safeguard the information we hold.
We also make suggestions as to steps you can take to protect yourself.
What information do we hold electronically?
Like all legal firms, we hold information provided to us in the course of clients’ legal transactions and for providing legal advice. We also hold information provided to us to be able to manage our business. This information includes:
- Names and contact details
- Details of legal transactions
- Bank account numbers used in transactions (we do not hold passwords or security questions/answers)
- Copies of passports, licences and personal certificates
- Copies of safe custody holdings, such as wills
What we have discovered and done to date
On 9 December 2021 at around 9:00 am AEDT, CMM Quay became aware that its computer network had been compromised by a cyber ransomware attack which took place at around 12:30 am AEDT that morning. Essentially hackers locked our computers so that we could not use them to work, demanding a ransom to unlock them.
We immediately disabled all external access to our network, and our IT and cyber security experts (our experts) scanned all our computers for malicious software.
Investigations by our experts revealed that the hackers entered our network via the Exchange (email) Server. If that is the case, the hackers could have sent emails purporting to be from CMM Quay. It should be noted that CMM Quay personnel did not send emails after approximately 10:30 pm AEDT on 8 December 2021, the evening before the attack, and that CMM Quay emails only became operational again at 3:45 pm AEDT yesterday, 15 December 2021.
To date there is no evidence that electronic information of clients was extracted in the ransomware attack. While no other malicious software was found, CMM Quay data was restored to the position it was in before the cyber-attack occurred. Also, our computers are presently being scanned constantly for malicious software. We are continuing our investigations in relation to the compromise of data and associated sensitivities, and as to how to prevent recurrence.
Of course, we have reported the cyber-attack to the Australian Cyber Security Centre (ACSC).
What you should do
DO NOT reply to suspicious emails from CMM Quay, including emails that ask you to click on a link or to provide unexpected information.
DO NOT open suspicious attachments to emails from CMM Quay, particularly if they are not expected as part of a transaction.
It is unlikely that we will change our banking or contact details. If you receive an email from CMM Quay providing new bank or contact details, DO NOT action it without first calling our office. In fact, you should ALWAYS contact our office if we have provided bank details, to check they are correct.
You may call your usual CMM Quay contact or our office on our office phone number, to verify any email, but DO NOT use the contact details within a suspicious email. Only use a means of contact that you can independently verify.
Our office phone number is below, but for added security, it can be found at https://www.cmmquaylegal.com.au/contact/ or at https://www.lawsociety.com.au/for-the-public/find-a-lawyer.
Our lawyers’ email addresses can also be found at https://www.cmmquaylegal.com.au/about/#meet-our-team
Please feel free to contact us with any questions by:
- replying to this email; or
- phoning our office manager, Mary Tullis, on our office phone number.
We reiterate that CMM Quay takes privacy and security seriously, and while we employed reasonable preventative measures, we are working on more measures to be put into place.
For added precaution, CMM Quay recommends that you take the following steps to reduce the likelihood of harm occurring:
- Monitor inbound and outbound emails of both work and personal email addresses for unusual activity;
- Monitor bank accounts for suspicious transactions. You may also wish to contact your bank for added security;
- Reset access passwords;
- Be vigilant for any unusual contact from unknown individuals or entities requesting information; and
- Again, if you are unsure of an email purporting to come from CMM Quay, phone our office to verify it is genuine.
Further helpful information and contacts
Office of the Australian Information Commissioner (OAIC)
Privacy Hotline on 1300 363 992
Website: http://www.oaic.gov.au
Address: The Australian Information Commissioner
GPO Box 5218
Sydney NSW 1042
Australian Cyber Security Centre
Cyber hotline: 1300 292 371 (1300 CYBER1)
Website: https://www.cyber.gov.au for general information concerning data security breaches.
PO Box 5076
Kingston ACT 2604
Principal Lawyer and Notary Public