A ransomware gang has targeted SA’s Wattle Range Council, threatening to release over 40,000 stolen files. 

Cybercriminals allegedly from a group called ‘LockBit’ posted details of the attack on their darknet leak site, displaying sample images of stolen documents and setting a deadline of 4 August for payment of an unspecified ransom.

A screenshot reveals that the gang stole 103 gigabytes of data across more than 7,000 folders, encompassing a total of 46,248 files. 

The stolen data includes a variety of sensitive documents such as complaint notices, rate notices, tax invoices, and banking applications containing credit card details. 

Other stolen items include a list of cash transactions at the Southern Ocean Tourist Park, complete with customers’ names and locations of their stays.

The Wattle Range Council says the data appears to be from a legacy server, which mostly contains publicly available information and internal working documents. 

LockBit has claimed numerous victims worldwide. 

In the past month, they have hacked 31 organisations across various industries, including hospitals, schools, and even the US FBI.

Cybersecurity expert Paul Haskell-Dowland from Edith Cowan University says the situation shows the vulnerability of local councils.

“They have high-value information that can be resold, but they're also offering critical services. Plus, we shouldn't underestimate the opportunity to pivot from local government systems into state or federal government systems,” he said. 

The Australian Cyber Security Centre has reportedly been informed, and the council says it has monitoring systems in place to detect any further developments or publication of their data. 

More details are accessible here.