Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Council warned of a cyber incident last month, but ransomware gang SafePay has since published 175 gigabytes of stolen data.
The SafePay ransomware gang listed Muswellbrook Shire Council as a victim on its darknet leak site last month, with the council posting notice of a cyber incident around the same time.
However, since SafePay later uploaded the data exfiltrated from Muswellbrook Shire Council’s network, the council has now confirmed that data was stolen and is continuing to investigate the incident.
“Following a cyber incident last year, Muswellbrook Shire Council is aware that a third party has disclosed a dataset online alongside claims this data was taken from our IT environment,” a council spokesperson told Cyber Daily today, 17 January.
The same notice has now been listed on the council’s website
“We are working as a priority to determine exactly what these files contain as part of a detailed and comprehensive review,” the spokesperson said.
“From our investigation to date, we believe the impacted data primarily relates to internal council operations and procedures, and some information relating to our staff. We have provided our staff with guidance and support on how to respond. Should we find that other personal information has been impacted, we will contact any affected individuals to provide advice and steps to protect themselves, in line with our obligations.”
A brief analysis of the content published by SafePay in December includes council correspondence, details of rate payments, and some personal information related to employees and residents.
“We take cyber security extremely seriously and have notified the Australian Cyber Security Centre (ACSC), the NSW Information and Privacy Commissioner (NSW IPC) and the Office of the Australian Information Commissioner (OAIC) about this incident,” the spokesperson said.
“We understand this news may cause concern, and we want to thank our staff, residents and other stakeholders for their ongoing support as we work to resolve this as swiftly as possible. We will provide further updates as required as more relevant information becomes available.”
Muswellbrook Shire Council is SafePay’s fourth victim in the ANZ region since it was first observed in late November 2024. Its previous victims were Snow Brand Australia and the Australian Centre for Heart Health, while its New Zealand victims were Triton Sourcing & Distribution and law firm Bell & Graham.
According to research by cyber security firm Huntress, SafePay only began operating within the last couple of months of 2024. The gang is thought to be Russian-speaking or based in Russia itself, as part of its attack process is scanning for systems that feature the Cyrillic character set as its default language.
Muswellbrook Shire is in NSW’s Upper Hunter Region and, as of the 2016 census, had a population of 16,086. The shire includes the towns of Muswellbrook, Denman, Baerami, McCullys Gap, Martindale, Muscle Creek, Sandy Hollow, Widden and Wybong.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
