Global Ransomware Gang Targets Australian Family Law Firm, Leaks Sensitive Data

Paterson & Dowdling Family Lawyers, a major law firm in Western Australia, has confirmed a cyber attack. This comes after a ransomware group leaked private client data.

The firm specializes in sensitive family law matters, and the hackers have now published some of these personal details online.

A Grim Discovery on the Dark Web

The trouble began when the Anubis ransomware gang posted Paterson & Dowding on its dark web site. The group posted a detailed sample of data it supposedly stole. They then announced they would expose the “fates of ordinary families” who sought the firm’s help.

Anubis split the leaked sample into three disturbing categories. These were client financial data, client business data, and deeply personal information. The gang stated that lawyers need extensive financial details to resolve family disputes. They promised that this data was now in the breach.

The financial data sample included superannuation statements and tax information. It even featured a screenshot of a crypto wallet. The business data contained private company correspondence and financial documents. But the most invasive leak was the personal data.

Highly Personal Information Exposed

The ransomware gang leaked intimate details from one client’s life. This included private text messages between the client and his family members. The sample also contained emails and a screenshot of a Facebook post.

All these documents are related to ongoing familial disputes. Anubis cynically noted that the law firm became a “source of new stress” for its clients. The public exposure of such private information is deeply damaging. It adds immense pressure on people already in stressful legal situations.

In response, a spokesperson for Paterson & Dowding confirmed the incident. They said the firm noticed unusual activity and took immediate action. External experts were engaged to contain the problem.

The Firm’s Response and Ongoing Investigation

“We recently experienced a cyber incident that impacted our firm,” the spokesperson said. “Unfortunately, we have identified that a subset of personal information was accessed and taken.”

Paterson & Dowding knows their data’s out there on the dark web, so they’re investigating to see exactly what info got out. They are notifying all their clients and staff about the situation.

The firm’s spokesperson issued an apology for the distress and any inconvenience caused. They informed the Information Commissioner’s Office and the Cyber Security Centre to ensure the right people are aware.

Anubis is a pretty new ransomware group — it first appeared in early 2025. The sophistication of such new gangs often mirrors a disturbing trend in cybercrime: the involvement of individuals with formal security training, as highlighted by the recent case of security experts who became ransomware affiliates (and now face federal charges). Anubis uses the tactic of shaming victims. They do this by detailing the sensitive data they steal. This is done to pressure companies into paying a ransom. This attack on a law firm is part of a worrying global trend where ransomware gangs are increasingly targeting organizations that hold highly sensitive data, as seen in the recent breach at a key Swedish IT firm that exposed the data of 1.5 million people. For the families involved this time, the damage from this privacy violation is already done.

This kind of data breach is honestly brutal. We’re not just talking about someone swiping a few bucks; it’s way deeper. Personal messages, emails, bank details, and stuff you’d never want out there suddenly popping up in the middle of a messy divorce or a fight over your kids is like nightmare fuel. It deals an extra gut punch to families already passing through crises.

It’s not just privacy on the line; it’s your whole life getting yanked inside out. It adds fuel to legal battles and leaves them feeling exposed and unsafe, right when they’re at their lowest.