On Sunday 22nd November 2020, Law In Order experienced a cyber security incident.
Latest Update - 3 December 2020
In keeping with Law In Order’s commitment to keep our customers informed, we provide the following update on the current cyber security incident.
Law In Order and our expert advisors are continuing to investigate the ransomware attack that caused a partial IT outage. While this attack has impacted our operations, the majority of our key systems are now up and running and we are working hard to safely and fully restore our services and further improve our defences.
We have already taken additional steps to enhance the security of our network, including:
- Deployment of advanced endpoint monitoring across all servers and workstations
- Improved log collection, correlation and monitoring
- Password changes and implementation of multi-factor authentication
We are continuing to review what additional steps we can take to improve the security of our systems and will continue to implement improvements in the coming weeks. We have received no reports, nor identified any evidence to indicate that any Law In Order client network has been attacked as a result of this incident.
When this incident occurred, we implemented a response strategy to investigate the threat actor’s activities, safely restore our systems and prevent potential disclosure of client information. We are continuing to monitor and manage the situation closely, and if we have concerns about, or if we identify any data misuse, we will be in touch with the affected organisations or individuals directly.
Although we have received no reports, nor identified any evidence of our customers being attacked following this incident, we remind everyone to be vigilant about cyber safety and follow best practices. Be alert to telephone, SMS, email and social media phishing scams requesting personal information or payment of money. Never open attachments from unknown senders, and always check that any email is legitimate before responding. If you receive a suspicious email from a known source, especially regarding the transfer of funds, contact the recipient via another trusted channel using their usual contact details such as their telephone number, to obtain verification.
Thank you again for your understanding.
Last Update - 24 November 2020
Over the weekend, Law In Order was the victim of a cyber security incident. As a precaution, to protect information and systems, we limited access to segments of our network, which also halted much of our business operations.
We have engaged expert cyber security investigators and advisers, who are working with our team to investigate and respond to the incident. Our priority is to restore systems back online safely and quickly.
We are making progress, however it is important that we do this methodically and safely as we work to resume normal business operations.
We are undertaking a thorough forensic investigation to understand the scope and details of the incident. This includes the extent to which information has been affected. We are assessing reports that a very small proportion of data on Law In Order’s servers has been exfiltrated and proactively advising customers who may be impacted. We have committed to being open and transparent with our customers and will continue to keep them informed as our work progresses.
We will continue to work closely with our cyber security advisors, as well as the Australian Federal Police (AFP) and the Australian Cyber Security Centre (ACSC), and to follow best practices while we work on restoring operations in a safe and secure manner.
If you have any questions please contact Emma Barker on 03 9691 7555.
Last Update - 23 November 2020
As a precaution, to protect information and systems, Law In Order has limited the access to much of its network which has therefore halted much of our business operations.
We have engaged expert cyber security advisors, and they and our IT team are actively investigating the incident and responding to it, and working to bring systems back online safely and quickly.
We are making progress, however, it is important that we do this methodically and safely as we work to resume normal business operations.
We are investigating the extent to which information contained in our system, including sensitive personal information, has been affected. At this stage we have seen no evidence of data exfiltration nor anything that indicates Law In Orders’ customers’ networks have been compromised.
We will work with law enforcement agencies and privacy regulators as required.
This year we have seen several high profile cyber security incidents impacting Australian companies and public sector entities.
We will keep you informed as we learn more.
If you have any questions please contact Emma Barker or 03 9691 7555.