HWL Ebsworth, one of Australia’s largest law firms with over 2,500 staff and a significant federal and state government client base, was attacked by the ALPHV/BlackCat ransomware group in April 2023. ALPHV claimed responsibility in May 2023 and began publishing stolen data after HWL Ebsworth declined to pay the ransom. The group published approximately 1.1 terabytes of data including confidential legal documents, financial statements, HR records, and — most significantly — sensitive data relating to HWL Ebsworth’s government clients. The Australian Cyber Security Centre (ACSC) and Australian Federal Police (AFP) were engaged. Up to 65 Australian government agencies were identified as potentially having sensitive data exposed through the breach, including the Department of Home Affairs, the National Disability Insurance Agency (NDIA), the Reserve Bank of Australia, the Australian Taxation Office (ATO), the Australian Federal Police (AFP), and numerous state government departments. The breach prompted an emergency whole-of-government response from the Australian government. The exposure of sensitive legal advice and government contracts through a law firm breach demonstrated the particular risk of legal service providers as a vector for government data exposure. An Australian court granted an injunction preventing Australian media from publishing specific documents from the leaked data that contained sensitive government material. The incident led to significant reviews of how Australian government agencies manage data shared with external legal advisors.