The Australian National University (ANU) in Canberra was the subject of a major breach affecting thousands of students, staff and visitors.
Vice chancellor Brian Schmidt revealed the university suffered a major breach late last year but which was only discovered two weeks ago.
“In late 2018, a sophisticated operator accessed our systems illegally,” Schmidt said.
“We believe there was unauthorised access to significant amounts of personal staff, student and visitor data extending back 19 years.
“We detected the breach two weeks ago. For the past two weeks, our staff have been working tirelessly to further strengthen our systems against secondary or opportunistic attacks.”
Included in the breach was the following information:
- Phone numbers
- Dates of birth
- Emergency contact details
- Tax file numbers
- Payroll information
- Bank account details
- Student academic records
- Student academic transcripts
Some systems, including those that store credit card details, travel information and medical records, were unaffected.
Less than a year ago, ANU scrambled to contain a breach – reportedly of Chinese origin.
“As you know, this is not the first time we have been targeted,” Schmidt said in Tuesday’s statement.
“Following the incident reported last year, we undertook a range of upgrades to our systems to better protect our data.
“Had it not been for those upgrades, we would not have detected this incident.”
In this instance, ANU has not yet attributed the attack and says the matter has been referred to the appropriate agencies.
ANU is home to the Strategic and Defence Studies Centre and works closely with the Department of Defence, but Schmidt said there was “no evidence that research work has been affected”.
If you think you've been affected by this breach, you can call 1800 275 268.