Noosa Shire Council has publicly acknowledged it was the target of a major fraud incident during the 2024 Christmas period, resulting in the loss of $2.3 million. The crime is under active investigation by the Australian Federal Police and Interpol.
In a message released on 13 October 2025, the CEO stated that the perpetrator was an “international criminal gang” and described the incident as a sophisticated fraud rather than a conventional cyberattack. The council emphasised that no personal data was stolen and no staff members were blamed, noting the fraud exploited procedural vulnerabilities.
According to reports, approximately $400,000 has been recovered so far, leaving $1.9 million unaccounted for. The stolen funds were rapidly transferred overseas.
Council Chief Executive Larry Sengstock (pictured) apologised to ratepayers and defended the delay in notifying the public, stating that council acted under instructions from law enforcement to delay disclosure until appropriate. He also affirmed that the incident would not affect council operations, service delivery, or budgeting decisions such as the upcoming rates schedule.
In response, the council is moving to tighten security, engage third-party software for enhanced protections, increase internal checks and balances, and review staff training and systems. The Queensland Audit Office has reportedly recommended supplementary safeguards be implemented.
Police remain involved in investigations, with assistance from the Joint Policing Cybercrime Coordination Centre (JPC3). Mayor Frank Wilkie has backed the CEO’s response and has assured the community that essential services remain unaffected.
Moving forward, Noosa Council has committed to greater transparency, stronger procedural resilience, and ongoing collaboration with law enforcement to recover remaining funds and deter future fraud.
