Australian university student and staff data hacked in sophisticated cyber attack

Cyber Security
Cyber Security Pixabay

The Australian National University (ANU), located in Canberra, stated on Tuesday, June 4 that it had been attacked by the hackers. The national research university also said cyber criminals successfully gained access to the personal information of up to 200,000 students and employees dating back 19 years.

It should be noted that this data breach was detected two weeks ago but it is not the first attack on ANU, as the China-based hackers infiltrated the university's IT systems in July 2018.

As per the reports, the cyber attack was conducted by a "sophisticated operator." However, the government agency, who is responsible for Australian cyber security, did not confirm whether a state actor was involved or not.

The authority revealed that the attackers gained the access to the information which includes names, email addressed, phone numbers, tax-file numbers, payroll information, bank account and passports details as well as student academic records.

ANU's chief information security officer told the staff and the students to change their passwords as well as monitor incoming emails and use updated systems on their personal devices.

Vice-Chancellor Brian Schmidt sent a message to the staff and students at around 11 am on Tuesday, after the discovery of the cyber attack. He mentioned that the data breach was detected this year on May 17 after the authority noticed a "sophisticated operator" accessed the system illegally.

He also assured the students and the employees by stating that the university authority closely working with Australian government security agencies and industry security partners for further investigation.

In addition, Schmidt also said there is no evidence which showed that the attack had affected any research paper. He even clarified that the systems which store details on credit cards, travel, medical records, police checks, workers' compensation, vehicle registration numbers and some performance records "have not been affected."

When the Australian Signals Directorate was asked whether this data breach is linked to the previous attack, a spokesperson replied that it would be too early to speculate any connection to other compromises.

In a statement, the spokesperson said, "Proper and accurate attribution of a cyber incident takes time and any attribution would be done in a measured fashion."

It also added that ASD through the Australian Cyber Security Centre is currently working with ANU to secure the networks, protect users and investigate the full extent of the data breach.

As per The Canberra Times, Schmidt said that for the past two weeks, the ANU staff have been "working tirelessly to further strengthen our system against secondary or opportunistic attacks."

He also mentioned that the university should continue to improve and invest in our IT security to ensure the cybersecurity.

"We are taking this incident extremely seriously and we are doing all we can to improve the digital safety of our community," he further added.