Australian National University Hit by Wide Scale Data Breach
The Australian National University is picking up the pieces following a data breach that saw a “significant” amount of financial details from staff and students compromised by a “sophisticated operator”.
The ANU has since outlined that details of up to 200,000 people were compromised in the attack, based on annual staff and student turnover. The private and financial details that were accessed date back as far as 19-years, according to a statement.
The breach was confirmed by Vice Chancellor and Nobel prize winner Brian Schmidt, who issued a statement outlining that “with profound regret I inform you that we have been victims of a data breach that has affected personal data belonging to our community.”
“In late 2018,” he Schmidt explained, “a sophisticated operator accessed our systems illegally. We detected the breach two weeks later.”
“We believe there was unauthorised access to significant amounts of personal staff, student and visitor data extending back 19 years.”
Data implicated in the hack includes names, addresses, dates of birth, phone numbers, personal email addresses, tax file numbers, payroll information, bank account details, passport details and student academic records.
“We must always remain vigilant, alert and continue to improve and invest in our IT security,” Vice Chancellor Schmidt said.
The University also outlined that the credit card details, travel information, medical records, police checks, workers’ compensation, vehicle registration numbers and performance records had not been implicated in the attack.
The ANU has confirmed it is collaborating with the Australian Cyber Security Centre to secure its networks, and open up a full investigation into the breach of its system.
“This compromise is a salient reminder that the cyber threat is real and that the methods used by malicious actors are constantly evolving,” a spokesperson from the Australian Cyber Security Centre said.
“This compromise is a salient reminder that the cyber threat is real and that the methods used by malicious actors are constantly evolving.”
“Unfortunately, a malicious actor with sufficient capability, time and resources will almost always be able to compromise an internet-connected computer network,” the spokesperson warned.
The Guardian quoted Greg Austin, a cyber security export from the University of New South Wales who said universities like the ANU are particularly at risk of cyber attacks.
“It’s fair to say states, major powers with cyber espionage capabilities do target universities because the elites of various countries attend those universities,” he said.
The ANU has set up a hotline for concerned staff and students: 1800 275 268.