Helping clients protect and recover value through proactive cyber risk identification and management, and rapid action in response to a breach.
Helping clients to manage risk and regulatory compliance and respond to incidents of financial crime.
Uncover, analyse and clarify facts at the centre of disputes, frauds and other sensitive commercial matters.
Providing advisory and accelerated implementation services to the public and private sector.
We advise on, develop, transact and invest in real estate and infrastructure.
Working with organisations and the public sector to stabilise operations or to recover value on behalf of stakeholders.
We are Asia-Pacific’s trusted advisers in cybersecurity, financial crime, forensic, performance improvement, real estate and restructuring.
Our reach is global with offices across Australia, New Zealand, Indonesia and Singapore.
ESG is a fundamental part of the way we do business. We take tangible action to make a difference for our people, clients, and communities.
Driven by an entrepreneurial spirit and a different mindset, celebrate the firm’s 20th anniversary.
Cyber incident response
Our client became aware of a data breach disclosing highly sensitive customer information. The client used a commercial storage solution to share and exchange data internally and externally with authorised clients. Due to a misconfiguration made by untrained and inexperienced members of the internal IT team, extremely sensitive client data was inadvertently exposed and made publicly available. KordaMentha was subsequently engaged to provide independent investigation support to assist the board and executive team in identifying and quantifying the level of exposure the business had because of the incident.
The client was an international operation with multiple global clients (including government). One of our challenges was differentiating legitimate access to the exposed data and access by unknown and possibly malicious actors. Implementing our cyber breach workflow, we identified and engaged with the key stakeholders to obtain relevant information, isolate the breach and commence analysis. Leveraging our data analytics tools, we extracted and reviewed over 16 million log entries to pinpoint the unauthorised access. We assessed the nature of files subject to unauthorised access and investigated whether partially downloaded files might also have exposed confidential client and company information. Our team conducted a forensic analysis of several partially downloaded file types, which included zip files. We further leveraged the power of our document review platform, RelativityOne, to enable client review and categorisation of the sensitivity of potentially exposed documents. The results of our analysis equipped us to clarify our client’s level of exposure risk to the executive team. Our findings were then provided in an expert report to the legal team.
Blog
26 November 2024
The Supreme Court of NSW has recently released Practice Note SC Gen 23, an important guideline for the use of Generative AI in legal practice. Th...
Media Release
8 November 2024
KordaMentha has been recognised twice in the Australasian Lawyer’s 2024 Service Provider Awards as one of the best legal tech and legal service p...
30 October 2024
KordaMentha welcomed the opportunity as the only representative from the advisory and consulting sector to participate in further debate as Senat...
21 October 2024
Rachel Waldren, Financial Crime Partner, explains why we need bipartisan support for vital regulatory changes in the form of The Anti-Money Laund...