Many domestic violence victim-survivors who have sought help from Legal Aid ACT already fear that their perpetrators will track them down. Now, that risk has been heightened.
Cybercriminals have stolen the legal service's data and have demanded a ransom, which has been refused.
Legal Aid ACT chief executive Dr John Borsig said the decision to refuse the demands of the hackers was "very hard" and "awful" for clients, as there was now a risk that the private information of socially and economically disadvantaged Canberrans would be publicly and maliciously released.
However, Dr Borsig said refusing to pay was the right choice, in line with advice from the ACT government and ACT Policing.
The amount the cybercriminals demanded from Legal Aid ACT has not been revealed, but Dr Borsig described the figure as "not insignificant."
After discovering the hack, which occurred on November 3, Legal Aid ACT staff contacted hundreds of affected clients and identified about 15 individuals or families who would need immediate assistance to mitigate risks.
Dr Borsig said one client had to move house, while others have had to upgrade their home security systems to protect against perpetrators who may take advantage of any released data.
Police have been put on alert should the individuals need help in a crisis.
"Legal Aid ACT clients are people who have been subject to domestic and family violence, they are teenagers or older people, refugees, veterans, and people with disability," Dr Borsig said.
Domestic Violence Crisis Service chief executive Sue Webeck said the breach was incredibly concerning.
"We live in a time where those words strike fear in all of our hearts, but particularly for people who have the complexity of the experience of domestic and family violence," Ms Webeck said.
"[Victim-survivors] are already concerned for their day-to-day safety and wellbeing, outside of their information being leaked potentially to unknown sources."
She added that the relocation of survivors was disruptive, and that displacement risked harming people's sense of connection to community.
"Having to move or relocate is traumatic at the best of times, let alone ... if you're being informed that potentially, you are fleeing from immediate risk and danger," Ms Webeck said.
Legal ACT ACT said it believed the cyber attack was a crime of opportunity rather than a targeted hack.
About 6 per cent of the service's online files were downloaded and copied, with the stolen information ranging from confidential client details to policy documents of no security risk.
He added that the service's protective software had been fending off about "20 attacks per minute".
Legal Aid ACT clients who need help as a result of the breach can contact the helpline on 1300 654 314.
Paying ransom would put others at risk, police and government say
ACT Attorney-General Shane Rattenbury condemned the hackers as criminals who were "trying to make a buck" from the theft of vulnerable client data.
"It's like burglary, but it's just being done through computer systems ... and if the perpetrators are identified then they will be pursued with every legal means that we have," Mr Rattenbury said.
The attorney-general also praised Legal Aid ACT for deciding not to pay the ransom.
"We cannot get into a situation where we can start paying ransom to these cybercriminals. It simply puts the rest of our community in a vulnerable position as well, because once you start paying these sorts of ransoms, it will simply fuel the cybercrime business model," he said.
This latest hack comes after cybercriminals stole the personal information of millions of Australian Optus and Medibank customers.
In the case of Medibank, sensitive health data about abortions and drug and alcohol treatment has been published, devastating many victims.
In a statement, ACT Chief Police Officer Neil Gaughan echoed Mr Rattenbury's view that Legal Aid ACT has made the right decision not to submit to the demands of hackers,
"We know from other examples around the world that criminals will often take ransom money and release information anyway or start approaching individuals with additional ransom demands," Mr Gaughan said.
"Any ransom payment, small or large, fuels the cybercrime business model, putting other Australians at risk."
