The Australian National University recently discovered a major data breach that affected students’ and University’s sensitive information. According to the University’s Vice Chancellor Brian Schmidt, unknown cybercriminals attacked University’s systems and accessed personal information late in 2018, which was recently discovered by the University authorities on May 17, 2019. It’s believed that the hackers had unauthorized access to 19 years of significant amounts of information related to personal staff, students, and visitors.
The exposed information included names, addresses, dates of birth, phone numbers, personal email addresses and emergency contact details, tax file numbers, payroll information, bank account details, passport details, and student academic records, according to Schmidt.
However, Schmidt clarified that the data like credit card details, travel information, medical records, police checks, workers’ compensation, vehicle registration numbers, and some performance records were not affected by the incident.
Commenting on the breach incident Brian Schmidt said, “We’re working closely with Australian government security agencies and industry security partners to investigate further. The University has taken immediate precautions to further strengthen our IT security and is working continuously to build on these precautions to reduce the risk of future intrusion.”
“The Chief Information Security Officer will be issuing advice shortly on measures we can all take to better protect our systems and I strongly encourage you all to implement those measures. That advice, frequently asked questions, contact details for support, and more information about the breach is available now via our homepage,” Schmidt added.
Recently, the parliament of Australia stated that they’ve noticed an unknown intruder apparently tried to hack their computer systems. According to the official statement, hackers tried to break into the parliament’s computer network that includes lawmakers’ email archives. However, the parliament officials clarified that there were no indications of data theft so far. They also stated that they’re updating all the passwords of its network systems and started an investigation. It’s believed that a foreign government was behind the attack, possibly China.
Prime Minister Scott Morrison made clear that no Federal Government departments had been targeted in the attack. “I don’t propose to go into any sort of detailed commentary on the source or nature of this. Once further information is available then we will be able to provide further detail,” Scott Morrison added.
The Australian government faced several criticisms on its cybersecurity landscape in recent years. An inspection by the Australian National Audit Office (ANAO) exposed the failure of government organizations to implement cybersecurity requirements. The ANAO’s fourth report on the cyber resilience of government departments and agencies states that except the Treasury Department both the National Archives and Geoscience Australia failed to implement the top four mandatory cybersecurity strategies instructed by the Australian Signals Directorate (ASD).