iTnews
  • Home
  • News
  • Technology
  • Security

ANU suffers second 'significant' hack in a year

By Ry Crozier on Jun 4, 2019 11:24AM
ANU suffers second 'significant' hack in a year

Reveals 19 years of data accessed.

The Australian National University (ANU) has suffered a massive data breach with about 19 years of data accessed by an unknown attacker.

It’s the second major attack against the ANU, which was also hit in mid-July last year. The university at the time blamed an advanced persistent threat (APT) but said the "significant" damage from that incident had been contained.

Vice-chancellor Brian Schmidt said today that a “sophisticated operator” had accessed ANU’s systems again in late 2018 but that this latest breach was not discovered until May 17 this year.

“For the past two weeks, our staff have been working tirelessly to further strengthen our systems against secondary or opportunistic attacks,” Schmidt said in a statement.

“We believe there was unauthorised access to significant amounts of personal staff, student and visitor data extending back 19 years.  

“Depending on the information you have provided to the University, this may include names, addresses, dates of birth, phone numbers, personal email addresses and emergency contact details, tax file numbers, payroll information, bank account details, and passport details. Student academic records were also accessed.”

Schmidt said that systems storing “credit card details, travel information, medical records, police checks, workers' compensation, vehicle registration numbers, and some performance records” were spared.

ANU said it also had no evidence that research work had been compromised. It also later said via Twitter that its teaching and learning platforms were not impacted.

The university said it is working with “Australian government security agencies and industry security partners to investigate further.”

ANU was quick not to lay blame for the latest attack.

“Attribution is difficult, and we are not able to attribute this attack,” it said.

“This data breach has been referred to the appropriate agencies.

“The core issue for us is the safety of our community and protecting the integrity of our data.”

ANU’s CISO Suthagar Seevaratnam published detailed advice for anyone affected by the breach.

Schmidt said that security systems put in place as a result of the first APT-led attack had allowed the university to detect the latest one, albeit with the delay.

“Had it not been for those upgrades, we would not have detected this incident,” he said.

ANU has set up a direct helpline at 1800 275 268 for anyone seeking more information or with particular personal concerns.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
anuapteducationithacksecurity

Partner Content

Security: Understanding the fundamentals of governance, risk & compliance
Promoted Content Security: Understanding the fundamentals of governance, risk & compliance
Avoiding CAPEX by making on-premise IT more cloud-like
Promoted Content Avoiding CAPEX by making on-premise IT more cloud-like
"We're seeing some good policy put in place, but that's the exception"
Partner Content "We're seeing some good policy put in place, but that's the exception"
How to turn digital complexity into competitive advantage
Promoted Content How to turn digital complexity into competitive advantage

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

  • CRN Channel Meets: CyberSecurity Live Event
  • IoT Insights: Secure By Design for manufacturing
  • Cyber Security for Government Summit
By Ry Crozier
Jun 4 2019
11:24AM
0 Comments

Related Articles

  • ANU to go passwordless
  • Researchers find APT campaigns share known vulnerabilities
  • Swinburne gets funding for cyber security teaching
  • CBA staff mastering cyber security in UNSW pilot
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Qantas calls time on IBM, Fujitsu in tech modernisation

Qantas calls time on IBM, Fujitsu in tech modernisation
Service NSW hits digital services goal two years early

Service NSW hits digital services goal two years early
SA Police ignores Adelaide council plea for facial recognition ban on CCTV

SA Police ignores Adelaide council plea for facial recognition ban on CCTV
NBN Co says TPG tie-up could help Telstra sidestep spectrum limits

NBN Co says TPG tie-up could help Telstra sidestep spectrum limits

Digital Nation

IBM global chief data officer on the rise of the number crunchers
IBM global chief data officer on the rise of the number crunchers
COVER STORY: Operationalising net zero through the power of IoT
COVER STORY: Operationalising net zero through the power of IoT
Integrity, ethics and board decisions in the digital age
Integrity, ethics and board decisions in the digital age
Crypto experts optimistic about future of Bitcoin: Block
Crypto experts optimistic about future of Bitcoin: Block
The security threat of quantum computing
The security threat of quantum computing
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.