Article Details

Files stolen from NSW court system, including restraining orders for violence. Victims' details at risk after criminals download 9,000 files from court database. Australian police are currently investigating the theft of "sensitive" data from a New South Wales court system after they confirmed approximately 9,000 files were stolen. Investigations into the attack on the NSW Online Registry website (ORW), which provides access to civil and criminal court cases in the region, are being led by cybercrime detectives and the Department of Communities and Justice (DCJ). Describing the NSW ORW as "a secure online platform," the police said 9,000 files were "downloaded" by attackers. Among the files stolen were affidavits and apprehended violence orders (AVOs), which are a type of restraining order to protect victims of domestic violence, child abuse, and other physical harms, such as assault, harassment, stalking, and sexual assault. The full extent of the data theft, which was discovered on Tuesday, is not yet known but if AVOs are in the hands of cybercriminals, they would prove valuable bargaining tools should extortion play a role in proceedings. Given the nature of AVOs, leaking them could expose the names and addresses of both the victims and the alleged offenders. Law enforcement officials are working to contact those whom they believe might be affected, and urged anyone who thinks their data could be involved but hasn't been contacted to file a report via ReportCyber, Australia's cybercrime reporting service. "I've been advised by the Department of Communities and Justice about a significant cyber breach affecting the NSW Online Registry Website," said Michael Daley, NSW's attorney general, in a press statement. "The NSW government is taking this incident seriously. I am assured that DCJ is working with Cyber Security NSW [and] the NSW Police to ensure the ongoing integrity of the system. "They are also working to urgently identify and contact affected users and the public will be kept updated as more information becomes available." The attack comes a year after neighboring state Victoria's court system discovered it was hit by a suspected ransomware attack, one that saw criminals make off with various audio-visual files stored on its network. The main concern was that hearings held between November and December 2023 files were compromised, but others dating back to 2016 were found too.