Fairfield Council takes legal action after major data breach, uses Dropbox to contact hackers

Fairfield City Council, a local government authority in western Sydney, has initiated legal proceedings against unidentified hackers following a significant cyberattack that compromised sensitive data from its internal servers, prompting an unusual effort to communicate with the attackers through a court-approved method.

The breach occurred in October, when the council’s systems, containing personal, financial, and property information related to councillors, residents, ratepayers, and staff, were unlawfully accessed. A ransom note discovered during the incident indicated that the attackers had encrypted the council’s network and extracted sensitive data, threatening to publish the information unless contact was made through a designated online chatroom.

The individuals responsible for the attack have not been identified, and their location remains unknown, though they are believed to be operating خارج Australia. The group demanded payment as part of the extortion attempt.

In response, Fairfield City Council launched urgent legal action in November against “persons unknown.” The court granted permission for the council to serve legal documents to the attackers by posting a Dropbox link within the same chatroom specified in the ransom demand, enabling formal communication despite the anonymity of the perpetrators.

Following the breach, the council activated its incident response protocols and worked to secure its systems. Officials stated that, to date, there has been no evidence of misuse or public disclosure of the compromised data. Monitoring measures have been implemented to detect any suspicious activity moving forward.

Council representatives declined to provide further details regarding potential cybersecurity shortcomings or the organization’s capacity to defend against increasingly sophisticated cyber threats.