Noosa Shire Council has revealed it was the victim of a sophisticated international fraud during the Christmas period, losing $1.9M to organised criminal gangs.
CEO Larry Sengstock says the fraud was perpetrated by international criminals using advanced AI social engineering techniques – not through a cyber security breach of council systems.
Importantly, no council data was stolen, no services were disrupted, and the public was not affected. External forensic IT experts have confirmed council systems remain secure.
The incident has been under investigation by Australian Federal Police and Interpol, which is why council couldn’t go public until now – police had directed them to remain silent to protect the ongoing investigation.
Mr Sengstock said no council staff were at fault or involved, and says the criminals were highly organised professionals who managed to bypass existing security processes.
Council has since implemented recommendations from the Queensland Audit Office and is installing additional third-party software to strengthen controls.
Mr Sengstock said the incident is a warning to other councils and businesses to remain vigilant and continually review their financial procedures, as scams and fraud attempts are on the rise across Australia.