Update from Disability Royal Commission on cyber-security incident

On 23 November 2020, the Royal Commission into Violence, Abuse, Neglect and Exploitation of People with Disability issued a media release following advice from Law In Order that they, as the Royal Commission’s document and evidence management service provider, had been affected by a cyber-security incident.

The Royal Commission is one of Law In Order’s many clients affected by the incident.

This is an update to the Royal Commission’s earlier release.

In response to the cyber-security incident, Law In Order immediately shut down a number of its key IT systems and commenced a forensic investigation of the incident.

Law In Order has now completed its investigation which concluded that a small number of the Royal Commission’s documents were subject to unauthorised access as a result of the incident.

The Royal Commission has notified the individuals and organisation whose documents were subject to the unauthorised access.

Law In Order has assured the Royal Commission that it has identified no evidence that any information in those documents has been viewed, published or otherwise misused as a result of the incident.

The Royal Commission regrets that the incident has occurred and acknowledges that some members of the public may be concerned. However, Law In Order has assured the Royal Commission that it has taken steps to prevent any future cyber-security incidents and, in particular, any unauthorised access to Royal Commission documents.