An NSW strata management firm, Strata Republic, has allegedly been breached by the Kairos ransomware group, with 441 GB of data — including tax file numbers, driver’s licence scans and employee ID documents — posted to the group’s leak site, as reported by Real Estate Business. Kairos has threatened to publish the full dataset within five days of its 17 April announcement.
If you run a strata firm — or sit on a body corporate committee — this is exactly the incident profile you need to be prepared for. At All IT Services we’ve been managing IT and cybersecurity for NSW strata firms for more than 20 years, and the patterns behind these breaches are remarkably consistent.
Why strata firms are high-value targets
Strata businesses sit on a gold mine of personal data that attackers love:
- Identity documents — driver’s licence scans, passports and 100-point ID from owner onboarding.
- Tax file numbers — collected for contractor payments, levies and payroll.
- Financial records — trust account statements, strata plan balance sheets, BAS and tax reports.
- Sensitive correspondence — disputes, legal advice, insurance claims, committee minutes.
All of that is protected personal information under Australia’s Privacy Act — and under the current reform agenda, the penalties for failing to protect it are climbing sharply. The records of a single compromised strata plan are enough to trigger a notifiable data breach under the OAIC’s scheme.
The common weak points we see
Twenty-plus years of working with NSW strata managers has given us a clear view of where these incidents actually start. Nine times out of ten it’s one of these four:
- Email account compromise via phishing — still the overwhelming initial access vector.
- Shared mailboxes and handover accounts without MFA — the forgotten corners of a tenant.
- Local file servers without immutable or offsite backups — so when ransomware runs, it encrypts the backups too.
- Third-party portals (trust accounting, owner-comms platforms, maintenance scheduling) connected via OAuth with no review of who has access to what.
What to do this week
- Turn on MFA on every mailbox — no exceptions, including owners’ committee reps with access to your systems.
- Check your backups are immutable and offsite. If the backup drive is on the same network as the data it’s protecting, it’s not a backup.
- Audit your OAuth-connected apps in Microsoft 365 or Google Workspace and remove anything staff no longer use.
- Run a phishing simulation. If you haven’t done one this quarter, the clock has run out.
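As an added example that is not from the original post or from All IT Services: a read-only PowerShell audit of a Microsoft 365 tenant, using the Microsoft Graph PowerShell SDK, that covers the first and third items above in one pass. It lists sign-in-enabled member accounts with no MFA-capable method registered (which is where forgotten shared and handover mailboxes surface) and every OAuth delegated grant, with the app, who consented and which high-impact scopes it holds. The set of scopes treated as sensitive is our own assumption, not a Microsoft definition; adjust it to your environment.

```powershell
# Added example, not from the original post or from All IT Services.
# Read-only audit of a Microsoft 365 tenant with the Microsoft Graph PowerShell SDK:
#   1. member accounts that can sign in but have no MFA-capable method registered
#   2. OAuth2 delegated grants to connected apps, flagging high-impact scopes
# Requires: Install-Module Microsoft.Graph, and a role able to consent to the read scopes.
# Assumption: $sensitiveScopes is our own starting list, not a Microsoft-defined one.

$readScopes = @(
    'User.Read.All', 'UserAuthenticationMethod.Read.All',
    'Application.Read.All', 'Directory.Read.All'
)
Connect-MgGraph -Scopes $readScopes -NoWelcome

# --- 1. Sign-in-enabled accounts without a strong second factor -----------------
# Password and e-mail OTP are not second factors; any other registered method counts.
$weakMethods = @(
    '#microsoft.graph.passwordAuthenticationMethod',
    '#microsoft.graph.emailAuthenticationMethod'
)

# Shared/handover mailboxes whose sign-in was never blocked show up in this set.
$users = Get-MgUser -All -Filter "userType eq 'Member'" `
             -Property Id,UserPrincipalName,AccountEnabled |
         Where-Object AccountEnabled

$noMfa = foreach ($u in $users) {
    $types  = Get-MgUserAuthenticationMethod -UserId $u.Id |
              ForEach-Object { $_.AdditionalProperties['@odata.type'] }
    $strong = $types | Where-Object { $_ -notin $weakMethods }
    if (-not $strong) {
        [pscustomobject]@{ User = $u.UserPrincipalName; Registered = ($types -join ', ') }
    }
}

# --- 2. OAuth-connected apps: who consented, and what each app can reach ---------
# Delegated grants only. App-only (application) permissions are app role assignments,
# listed per service principal with Get-MgServicePrincipalAppRoleAssignment.
$sensitiveScopes = @(
    'Mail.ReadWrite', 'Mail.Send', 'MailboxSettings.ReadWrite',
    'Files.ReadWrite.All', 'Sites.ReadWrite.All', 'Directory.ReadWrite.All'
)

$grants = foreach ($g in Get-MgOauth2PermissionGrant -All) {
    $app    = Get-MgServicePrincipal -ServicePrincipalId $g.ClientId -Property DisplayName,AppId
    $scopes = $g.Scope -split ' ' | Where-Object { $_ }
    $who    = if ($g.ConsentType -eq 'AllPrincipals') {
                  'all users (admin consent)'
              } else {
                  try   { (Get-MgUser -UserId $g.PrincipalId -Property UserPrincipalName).UserPrincipalName }
                  catch { "deleted user $($g.PrincipalId)" }   # orphaned grant: a candidate for revocation
              }
    [pscustomobject]@{
        App       = $app.DisplayName
        AppId     = $app.AppId
        GrantedTo = $who
        Sensitive = (@($scopes | Where-Object { $_ -in $sensitiveScopes }) -join ' ')
        AllScopes = ($scopes -join ' ')
        GrantId   = $g.Id
    }
}

# Report: sensitive grants first, then keep a dated CSV copy as the audit trail.
$stamp = Get-Date -Format 'yyyy-MM-dd'
$noMfa  | Sort-Object User | Format-Table -AutoSize
$grants | Sort-Object { $_.Sensitive -eq '' }, App | Format-Table App,GrantedTo,Sensitive -AutoSize
$noMfa  | Export-Csv "no-mfa-$stamp.csv" -NoTypeInformation
$grants | Export-Csv "oauth-grants-$stamp.csv" -NoTypeInformation
```

Run it from an admin PowerShell session after installing the Microsoft.Graph module; it changes nothing in the tenant. Once the list has been reviewed with the staff who own each app, a stale or orphaned grant is revoked by its GrantId with Remove-MgOauth2PermissionGrant -OAuth2PermissionGrantId, and any sign-in-enabled account in the first report either gets a second factor registered or has sign-in blocked. Keeping the dated CSVs gives you the "who had access to what, and when" record that the OAIC notification process will ask for if an incident does happen.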
Where All IT Services fits in
All IT Services is an NSW-based managed IT and cybersecurity provider with a track record of working alongside strata firms across Sydney, the Central West and regional NSW for over two decades. We understand how trust accounting software, owner portals and document management platforms actually fit together in a strata business — and what a realistic, risk-based plan looks like when you’re balancing security against day-to-day operations.
If your strata business hasn’t had an independent review of its cybersecurity posture this year, our team can run one within a fortnight. In an environment where ransomware groups are actively targeting Australian professional services firms, this isn’t a conversation to be having for the first time after an incident.