Legal Practice Board of Western Australia Reports No Data Released After May Ransomware Attack

Months after being listed as a victim of a ransomware attack by the Dire Wolf hacking group, the Legal Practice Board of Western Australia confirmed that no allegedly stolen data has been published by the cyber criminals. Libby Fulham, the executive director of the Legal Practice Board, stated that some limited corporate correspondence was disclosed on Tuesday, 27 May, but it was removed within 24 hours due to takedown efforts. This correspondence contained minimal contact information, operational and resourcing details, and bank account information for the board and a small number of third parties who were directly notified.

Fulham indicated that the board has been actively monitoring the darknet for any further activity from the hackers, especially given their threat to publish data in June. On 19 June 2025, a third party published a link to some data, claiming it was related to the board. However, upon review, the board confirmed that this data did not pertain to them. The board continues to monitor for any further disclosures and has not detected any additional dark web activity at this time. Additionally, the board obtained an injunction to prevent any access, dissemination, or sharing of data impacted by this incident, which did cause some disruption to their systems. 

Categories: Ransomware Attack, Data Security, Cyber Incident Response 

Tags: Ransomware, Attack, Data, Cybercriminals, Correspondence, Takedown, Monitoring, Darknet, Injunction, Disruption