Earlier in June, the Nova ransomware operation made an alarming claim – namely, that it had hacked the New South Wales government and was intending to publish a swathe of sensitive information.
Marie Patane, NSW chief cyber security officer and executive director Cyber Security NSW, downplayed the claims at the time, saying the data provided as a sample of the hack was merely “publicly available and historical information” and that there was no evidence of any intrusion into government networks.
Fast forward to June 25, and in a seemingly separate incident, the New South Wales Rural Fire Service began notifying its members of a cyber security incident that may have seen some historical data exposed.
“Investigations to date indicate many of the files are historical. Furthermore, there is no evidence to suggest sensitive personal information has been accessed or that any information has been obtained, which, if disclosed, could adversely affect individuals,” acting commissioner, Kelly Quandt AFSM, said in an email seen by Cyber Daily.
“Our investigation is ongoing, and we are taking a cautious approach while further technical analysis is undertaken.”
Now, over the weekend, both puzzles have been solved, with Nova delisting the New South Wales government and listing the NSW RFS in its stead.
The datasets – largely contour maps of regional New South Wales and details of Emergency Response Projects – also appear identical.
Cyber Daily has reached out to the NSW RFS for further information.
Who is Nova?
Nova is responsible for 140 leak posts in total, with 25 alone in May 2026, since it first emerged in early 2025
The group considers itself a ransomware-as-a-service group, splitting any ransom payments with affiliates based on their performance. The lowest split is 75/25, with the bulk going to affiliates, while better performers can take advantage of a 95/5 split.
On its leak site, the group outlines its affiliate program in Russian, Chinese, and English.
“Nova will provide Guide, CVEs exploits in news section, Logs Checker service, Tools (customised and Paid tools for free), and Lot of things that help to up your skills and make success attacks,” the group said.
The NSW RFS is the group’s first Australian victim.
Who is the NSW RFS?
The New South Wales Rural Fire Service is the largest volunteer fire service in the world and responds to emergencies in country NSW, ranging from motor vehicle accidents to structural fires.
According to the Service’s website, it currently employs more than 69,000 volunteers across 110 Local Government Areas. In the 2024/25 period, the RFS responded to more than 32,000 incidents across the state.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
David Hollingworth
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.