The Vice Society ransomware group today claimed responsibility for a December 2022 attack on an Australian state fire department that led to a widespread IT outage. Fire Rescue Victoria warned current and former employees and job applicants of data leak.
Although the threat group did not share many details about the leak or its negotiations with the fire department, it released a data set as proof of its claims. The leaked data includes budget documents, job applications and other sensitive information.
The Fire Rescue Victoria, which operates 85 fire stations in Melbourne and surrounding areas, also informed the Office of the Australian Information Commissioner of a possible data breach and is currently analyzing the data set shared by the threat actors on the dark web.
The analysis is a “complex task” but the fire department has engaged unnamed cybersecurity specialists and will provide further information as it becomes available, the FRV said.
Since the mid-December outage, the FRV has reinstated a number of systems, including access to telephone and email, but the overall IT infrastructure is not fully operational. Daily operations continue using offline resources such as dispatch crews, mobile phones, pagers and radios.
