Sydney-based real estate firm The Property Business has been hit by the Kairos ransomware group, with 164GB of data reportedly stolen. The attack highlights the growing threat to Australia's property sector, which holds sensitive client financial and personal information.
The U.S. has charged Ukrainian national Volodymyr Tymoshchuk for his role in the LockerGoga, MegaCortex, and Nefilim ransomware attacks that targeted over 250 American companies and hundreds more worldwide. The State Department is offering a $10 million reward for information leading to his arrest.
Australia has gone all-in on quantum, betting billions on PsiQuantum’s Brisbane facility while building alliances and spin-outs from Sydney to Chicago. With defence contracts, investor momentum and Five Eyes strategy at stake, Canberra’s gamble is to lead, not follow, in the quantum race.
Sydney-based real estate firm The Property Business has been hit by the Kairos ransomware group, with 164GB of data reportedly stolen. The attack highlights the growing threat to Australia's property sector, which holds sensitive client financial and personal information.
Cyber News Centre's cyber update for 17th September 2025: Sydney real estate agency The Property Business has been targeted by the Kairos ransomware group, which claims to have stolen 164GB of data.
The Property Business is a specialist real estate agency with over 18 years of experience in corporate and executive rentals across the Sydney CBD and surrounding areas. The firm works with corporate clients, relocation agencies, and government departments, managing both furnished and unfurnished properties.
Update: The Kairos ransomware group has listed The Property Business on its dark web leak site, claiming to have exfiltrated 164GB of data in an attack on 16 September 2025. This makes the Sydney-based firm the fourth Australian organisation to be listed as a victim by the group, which has been active since late 2024. Kairos has previously targeted sectors including education and healthcare, and has hit other Australian businesses. These claims remain unverified, and The Property Business has not yet released a public statement regarding the attack.
The claimed theft is significant and may involve sensitive personal and financial details of clients and partners, given the nature of the real estate industry. The Australian Cyber Security Centre (ACSC) has issued general warnings on ransomware, urging organisations to maintain strong security measures and avoid paying ransoms.
Why it Matters: The incident underscores the vulnerability of the real estate sector to cyber attacks. Agencies handle large volumes of sensitive data, from financial records and personal identification to property details, making them lucrative targets for cybercriminals. A breach of this kind can result in financial loss, reputational damage and legal consequences. It is a reminder for Australian businesses, especially in property, to reassess and strengthen their cyber security posture.
The ACSC warns: “Never pay a ransom. There is no guarantee you will regain access to your information, nor prevent it from being sold or leaked online. You may also be targeted by another attack.”
Cyber News Centre will provide further updates as more information becomes available.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
The U.S. has charged Ukrainian national Volodymyr Tymoshchuk for his role in the LockerGoga, MegaCortex, and Nefilim ransomware attacks that targeted over 250 American companies and hundreds more worldwide. The State Department is offering a $10 million reward for information leading to his arrest.
Australia has gone all-in on quantum, betting billions on PsiQuantum’s Brisbane facility while building alliances and spin-outs from Sydney to Chicago. With defence contracts, investor momentum and Five Eyes strategy at stake, Canberra’s gamble is to lead, not follow, in the quantum race.
A software misconfiguration in a Texas government online grant system has exposed the personal data of over 44,000 natural disaster victims. The breach, discovered in late July, revealed names, Social Security numbers, and financial information, highlighting ongoing security gaps in state systems.
Cornwell Quality Tools has confirmed a major ransomware attack by the Cactus group, exposing the personal and medical information of over 100,000 individuals. The breach, which occurred in December 2024, highlights the persistent threat of ransomware to the manufacturing sector.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
