Austin's Financial Solutions

Summary

Austin's Financial Solutions, a New South Wales wealth management firm, suffered a ransomware attack claimed by the Kairos ransomware gang. The attackers stole 147 gigabytes of data including employee passport scans, payroll information, and employment contracts. The breach was publicly disclosed in January 2025 after the company failed to respond to ransom demands within the seven-day deadline.

What Happened

The Kairos ransomware group gained unauthorised access to Austin's Financial Solutions' systems and exfiltrated 147 gigabytes of company data. Following their standard operating procedure, the attackers gave the company seven days to respond to their ransom demands. When that deadline passed without payment, Kairos published proof of the breach on their dark web leak site in mid-December 2024, including samples of the stolen data.

The ransomware gang customises their ransom demands based on each victim's income and expenses, and offers a 20 per cent discount for early payment. The group operates on Russian-language hacking forums and does not appear to be affiliated with other major ransomware operations.

Impact on Individuals

The breach exposed sensitive employee information including:

• Passport scans that could be used for identity theft
• Payroll data containing financial information
• Employment contracts with personal details

Affected employees face risks of identity fraud and should monitor their financial accounts for suspicious activity. Anyone whose passport details were compromised should be aware that criminals may attempt to use this information to create fraudulent identity documents or open accounts in their names.

Organisational Response

Austin's Financial Solutions, based in Mona Vale, NSW, did not respond to media requests for comment about the incident. The company offers retirement planning, investment portfolio management, and self-managed superannuation fund services to clients.