Strata Republic: Exclusive: NSW-based Strata Republic allegedly breached by Kairos ransomware group

Kairos Ransomware Group Claims Attack on Strata Republic, Threatens Data Leak

The Kairos ransomware group has listed Strata Republic, a Sydney-based strata management firm, as the latest victim of a cyberattack. On April 17, the hackers posted details of the breach on their darknet leak site, alleging they exfiltrated 441 GB of data from the company.

As proof of the intrusion, Kairos published several redacted documents, including:

• A letter of reprimand for a Strata Republic employee
• A strata plan balance sheet
• An income tax report containing a Tax File Number (TFN)
• A driver’s licence of an employee
• A photograph from a company Christmas party, depicting a group of men around a topless woman

While Kairos has not disclosed its ransom demand, the group has threatened to release the full dataset within five days if their demands are not met. Strata Republic has not responded to requests for comment.

About Kairos

First identified in November 2024, Kairos has since claimed attacks on at least 80 victims, including six in Australia. The group operates on Russian-language hacking forums and, according to threat intelligence firm Cyjax, appears to be an independent operation with no confirmed ties to other ransomware groups.

Among its recent targets is FriendlyCare Pharmacy, a Queensland-based pharmacy chain, which was listed earlier this month.

About Strata Republic

Headquartered in Pyrmont, Sydney, with an additional office in Byron Bay, Strata Republic provides strata management services for both commercial and residential properties, including Building Management Committees. The company serves apartment complexes in Camperdown, Zetland, and Erskineville and markets itself as offering technology-driven, responsive strata management with a focus on communication and efficiency.

Source: https://www.cyberdaily.au/security/13487-exclusive-nsw-based-strata-republic-allegedly-breached-by-kairos-ransomware-group

Strata Republic cybersecurity rating report: https://www.rankiteo.com/company/strata-republic

"id": "STR1776673763",
"linkid": "strata-republic",
"type": "Ransomware",
"date": "4/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'industry': 'Real Estate / Property Management',
                        'location': 'Sydney, Australia (Headquarters: Pyrmont; '
                                    'Additional office: Byron Bay)',
                        'name': 'Strata Republic',
                        'type': 'Strata management firm'}],
 'data_breach': {'data_exfiltration': 'Yes (441 GB of data exfiltrated)',
                 'file_types_exposed': ['PDF (letter of reprimand, balance '
                                        'sheet, tax report)',
                                        'Image (driver’s licence, photograph)'],
                 'personally_identifiable_information': 'Yes (TFN, driver’s '
                                                        'licence, employee '
                                                        'photograph)',
                 'sensitivity_of_data': 'High (includes Tax File Number, '
                                        'driver’s licence, and other sensitive '
                                        'documents)',
                 'type_of_data_compromised': ['Employee records',
                                              'Financial documents',
                                              'Personally Identifiable '
                                              'Information (PII)']},
 'date_publicly_disclosed': '2025-04-17',
 'description': 'The Kairos ransomware group has listed Strata Republic, a '
                'Sydney-based strata management firm, as the latest victim of '
                'a cyberattack. The hackers posted details of the breach on '
                'their darknet leak site, alleging they exfiltrated 441 GB of '
                'data. As proof, they published redacted documents including a '
                'letter of reprimand, a strata plan balance sheet, an income '
                'tax report with a Tax File Number (TFN), a driver’s licence, '
                'and a photograph from a company event. Kairos has threatened '
                'to release the full dataset within five days if their demands '
                'are not met.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
                                       'data leak threat',
            'data_compromised': '441 GB of data exfiltrated',
            'identity_theft_risk': 'High (exposure of TFN, driver’s licence, '
                                   'and other PII)',
            'legal_liabilities': 'Potential legal liabilities due to exposure '
                                 'of sensitive data (e.g., TFN, driver’s '
                                 'licence)'},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial gain',
 'ransomware': {'data_exfiltration': 'Yes (441 GB of data exfiltrated)',
                'ransomware_strain': 'Kairos'},
 'references': [{'date_accessed': '2025-04-17',
                 'source': 'Kairos darknet leak site'},
                {'source': 'Cyjax (threat intelligence firm)'}],
 'regulatory_compliance': {'regulations_violated': ['Potential violations of '
                                                    'Australian Privacy '
                                                    'Principles (APPs) under '
                                                    'the Privacy Act 1988']},
 'threat_actor': 'Kairos ransomware group',
 'title': 'Kairos Ransomware Group Claims Attack on Strata Republic, Threatens '
          'Data Leak',
 'type': 'Ransomware'}