The personal information included health records, financial details and information about “political and religious affiliations, sexual orientation and criminal records”.
Chief strategy officer Russell Mailler said in his affidavit that the firm had refused to pay a ransom, said to be $5 million, to the ALPHV group – also known as Black Cat.
Mr Mailler said that when the hackers first contacted HWLE via email on April 28, “it was reviewed and dismissed as spam due to its nature”.
He said ALPHV had been in regular contact with the firm over the next six weeks and that a “final warning” was delivered on June 3.
“HWLE continued not to respond to, or otherwise engage in any way with ALPHV, and was not prepared to entertain paying the ransom or enter into any negotiations with respect to that ransom demand.”
About a third of the claimed haul of 4 terabytes of data was released to the dark web on June 9, and law firms and businesses have since been trawling through the data dump to see if they are included.
HWLE partner Andrew Miers said in his affidavit that the firm had engaged forensic investigators McGrathNicol to review the breach and had already paid them $250,000.
He added that partners and staff had spent at least 5000 hours on the task and noted the figure – like the bill for McGrathNicol – would “continue to increase”.
At Wednesday’s hearing, Justice Hammerschlag refused an application by lawyer Larina Alick for Nine, owners of this masthead, to make submissions opposing the terms of the injunction.
However, the judge amended his interim order to allow third parties affected by the injunction to apply to the court to vary its orders.
HWLE is Australia’s largest legal partnership, with 278 partners and 1400 staff, and is headed by managing partner Juan Martinez.