About Us

We work collaboratively with our clients to build strong, sustainable relationships. Our team is committed to delivering consistent high standards of service, and we understand the importance of accessibility. Working with us, you'll enjoy open communication, meaning well scoped, properly resourced and effectively managed matters.

Learn More

Latest Case

Advising on market-changing divestments September 25, 2018

Maddocks  acted for the founder of Australia’s largest private pilot training school, Soar Aviation, on the group’s 50 percent sale to Australian private equity investor The Growth Fund. Soar Aviation was started in 2012 by … Continued

Latest News

Making a difference: Maddocks senior associate wins Australian Young Lawyer of the Year October 22, 2018

Monday 22 October 2018 Maddocks senior associate Tamsin Webster has been awarded the 2018 Australian Young Lawyer of the Year by the Law Council of Australia. Tamsin, a member of the firm’s Employment, Safety and … Continued

Latest Article

Government Procurement (Judicial Review) Act 2018 (Cth) expands scope for challenges to Commonwealth procurement decisions October 18, 2018

On 18 October 2018, the Senate passed the Government Procurement (Judicial Review) Bill 2017 (Cth) (the Bill) without amendment. The Bill received Royal Assent on 19 October 2018. The Government Procurement (Judicial Review) Act 2018 (Cth) … Continued

Massive Equifax data breach – a timely reminder (of what not to do)

Another massive data breach has hit the news with US listed ‘global information solutions company’ Equifax Inc. announcing a cybersecurity ‘incident’ potentially impacting a whopping 143 million US consumers.

To put this into context – that is nearly half the US population.

Equifax has confirmed that criminals exploited a US website application vulnerability to gain access to certain files. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017.

In response to the data breach, Equifax has set up a dedicated micro website with information and other resources for impacted individuals and customers.

Equifax, which is one the largest credit reporting agencies, has stated that the ‘information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 US consumers, and certain dispute documents with personal identifying information for approximately 182,000 US consumers, were accessed.’

The sheer volume and sensitive nature of the personal information compromised, likely puts affected individuals at real risk of serious harm (for example, identify theft or credit card fraud).

The company’s response to the serious breach has been criticised by Tech commentators including Tech Crunch pointing out that the dedicated response website ‘does not provide any functionality’ and that its calls to the dedicated hotline were going unanswered.

In alarming news it is also being reported that Equifax senior managers dumped $1.8 million in stock just before the PR disaster blew up. But according to Equifax, the senior managers had no knowledge that an intrusion had occurred at the time. Stay tuned….

Unfortunately for Equifax, it is providing a helpful case study in how not to respond to a data breach.

As we have previously reported, data breaches are becoming a fact of life, and early next year in Australia serious breaches must be notified to affected individuals and the Office of the Australian Information Commissioner in certain circumstances.

To find out what you should be doing you might find the following Maddocks/Commvault fact sheets helpful:

Does your organisation have a data breach response plan in place? If you are a listed company, what does your data breach response plan say about trading shares?

We would love to hear your thoughts on this case study and whether it has promoted your organisation to consider any revisions to its processes and practices.

Author:
Sonia Sharma | Senior Associate
61 2 9291 6143
sonia.sharma@maddocks.com.au

Another massive data breach has hit the news with US listed ‘global information solutions company’ Equifax Inc. announcing a cybersecurity ‘incident’ potentially impacting a whopping 143 million US consumers.

To put this into context – that is nearly half the US population.

Equifax has confirmed that criminals exploited a US website application vulnerability to gain access to certain files. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017.

In response to the data breach, Equifax has set up a dedicated micro website with information and other resources for impacted individuals and customers.

Equifax, which is one the largest credit reporting agencies, has stated that the ‘information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 US consumers, and certain dispute documents with personal identifying information for approximately 182,000 US consumers, were accessed.’

The sheer volume and sensitive nature of the personal information compromised, likely puts affected individuals at real risk of serious harm (for example, identify theft or credit card fraud).

The company’s response to the serious breach has been criticised by Tech commentators including Tech Crunch pointing out that the dedicated response website ‘does not provide any functionality’ and that its calls to the dedicated hotline were going unanswered.

In alarming news it is also being reported that Equifax senior managers dumped $1.8 million in stock just before the PR disaster blew up. But according to Equifax, the senior managers had no knowledge that an intrusion had occurred at the time. Stay tuned….

Unfortunately for Equifax, it is providing a helpful case study in how not to respond to a data breach.

As we have previously reported, data breaches are becoming a fact of life, and early next year in Australia serious breaches must be notified to affected individuals and the Office of the Australian Information Commissioner in certain circumstances.

To find out what you should be doing you might find the following Maddocks/Commvault fact sheets helpful:

Does your organisation have a data breach response plan in place? If you are a listed company, what does your data breach response plan say about trading shares?

We would love to hear your thoughts on this case study and whether it has promoted your organisation to consider any revisions to its processes and practices.

Author:
Sonia Sharma | Senior Associate
61 2 9291 6143
sonia.sharma@maddocks.com.au