Helping clients protect and recover value through proactive cyber risk identification and management, and rapid action in response to a breach.
Helping clients to manage risk and regulatory compliance and respond to incidents of financial crime.
Uncover, analyse and clarify facts at the centre of disputes, frauds and other sensitive commercial matters.
Helping clients across private, corporate and government sectors deliver process improvement and cost effective solutions to meet on critical business requirements
Providing advisory and accelerated implementation services to the public and private sector.
We advise on, develop, transact and invest in real estate and infrastructure.
Working with organisations and the public sector to stabilise operations or to recover value on behalf of stakeholders.
Our unique mix of commercial expertise, deep defence sector experience, and focus on clear and actionable recommendations gives clients the confidence to act.
Helping educational institutions adapt to changing student needs and enhance operational efficiency in a competitive landscape.
Working with the public sector to stabilise operations or to recover value on behalf of stakeholders.
We are an independent and trusted advisory and investment firm, working across industries to support businesses with their most complex and sensitive commercial matters.
Our reach is global with offices across Australia, New Zealand, Indonesia and Singapore.
ESG is a fundamental part of the way we do business. We take tangible action to make a difference for our people, clients, and communities.
Driven by an entrepreneurial spirit and a different mindset, celebrate the firm’s 20th anniversary.
Cyber incident response
Our client became aware of a data breach disclosing highly sensitive customer information. The client used a commercial storage solution to share and exchange data internally and externally with authorised clients. Due to a misconfiguration made by untrained and inexperienced members of the internal IT team, extremely sensitive client data was inadvertently exposed and made publicly available. KordaMentha was subsequently engaged to provide independent investigation support to assist the board and executive team in identifying and quantifying the level of exposure the business had because of the incident.
The client was an international operation with multiple global clients (including government). One of our challenges was differentiating legitimate access to the exposed data and access by unknown and possibly malicious actors. Implementing our cyber breach workflow, we identified and engaged with the key stakeholders to obtain relevant information, isolate the breach and commence analysis. Leveraging our data analytics tools, we extracted and reviewed over 16 million log entries to pinpoint the unauthorised access. We assessed the nature of files subject to unauthorised access and investigated whether partially downloaded files might also have exposed confidential client and company information. Our team conducted a forensic analysis of several partially downloaded file types, which included zip files. We further leveraged the power of our document review platform, RelativityOne, to enable client review and categorisation of the sensitivity of potentially exposed documents. The results of our analysis equipped us to clarify our client’s level of exposure risk to the executive team. Our findings were then provided in an expert report to the legal team.
Blog
14 April 2025
Prudential Standard CPS 230 – Operational Risk Management that APRA has introduced comes into effect 1 July 2025. Learn about the key requirement...
2 April 2025
Understand the trends and the unique challenges of healthcare M&A to capitalise on the opportunities and navigate the complexities of the healthc...
Media Release
24 March 2025
Swinburne University of Technology and KordaMentha are taking bold action against the billions of dollars laundered in Australia through financia...
19 March 2025
The 2025 election will be the first for a long time where we know in advance the respective policy positions of the two major parties on higher e...