iTnews
  • Home
  • News
  • Technology
  • Security

Australian Catholic University breach nets staff details

By Juha Saarinen on Jun 18, 2019 6:24AM
Australian Catholic University breach nets staff details

Unknown number of accounts accessed.

The Australian Catholic University has become the latest tertiary institution to disclose a recent data breach, with sensitive staff information being accessed by unknown attackers.

A brief document from acting vice-chancellor Dr Stephen Weller said the May 22 attack succeeded in compromising a small number of staff logins through a phishing email, purporting to be from the university itself.

ACU has seven campuses across Australia, with over 35,000 students enrolled.

The phishing email contained a link to a fake login page that allowed attackers to intercept staff access credentials.

With the logins at hand, attackers were able to access email accounts, calendars and bank details of further ACU staffers.

Weller did not say how many ACU staff were affected by the data breach, but the university has contacted every person involved.

Breached accounts have been reset, too, and ACU's bank notified that there could be fraudulent activity ahead after the attack.

ACU has also notified the Tertiary Education Quality and Standards Agency (TEQSA), 
the Office of the Australian Information Commissioner (OAIC), and the Australian Cybercrime Online Reporting Network (ACORN).

Weller warned that ACU logins provide access to a number of university systems, and that it is important to keep credentials secure. 

He advised users not to click on links or opening attachments in messages from unknown senders, and to avoid re-using ACU credentials on non-university systems.

Tertiary academic institutions have come under attack recently. Earlier this month, the Australian National University revealed that it had discovered an attack that took place in late 2018 that saw 19 years' of data being accessed by a "sophisticated operator".

The Australian National University (ANU) has also been hit by two major network intrusions since July 2018, possibly by an advanced persistent threat (APT) nation-state threat actor.

The ANU raids have been cited by Home Affairs Minister Peter Dutton as a reason to potentially expand the role of the Australian Signals Directorate from foreign intelligence collection to include domestic missions.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
acuanuasdaustralian catholic universityaustralian national universityphishingsecurity

Partner Content

Security "mindset shift" needed to protect organisations
Promoted Content Security "mindset shift" needed to protect organisations
Avoiding CAPEX by making on-premise IT more cloud-like
Promoted Content Avoiding CAPEX by making on-premise IT more cloud-like
Why rethinking your CMS is crucial for customer retention
Promoted Content Why rethinking your CMS is crucial for customer retention
Security: Understanding the fundamentals of governance, risk & compliance
Promoted Content Security: Understanding the fundamentals of governance, risk & compliance

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

  • Micro Focus Information Management & Governance (IM&G) Forum 2022
  • CRN Channel Meets: CyberSecurity Live Event
  • IoT Insights: Secure By Design for manufacturing
  • Cyber Security for Government Summit
  • Forrester Technology & Innovation Asia Pacific 2022
By Juha Saarinen
Jun 18 2019
6:24AM
0 Comments

Related Articles

  • 50k customers caught up in Spirit Super phishing attack
  • Google adds phishing protection to Workspace apps
  • ASD to create cyber security hubs in three states
  • Defence cancels SkyGuardian drones to fund REDSPICE cyber plan
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

PayTo rollout kicks off

PayTo rollout kicks off
Neobank Volt exits the banking industry

Neobank Volt exits the banking industry
Australia scraps digital passenger cards for international arrivals

Australia scraps digital passenger cards for international arrivals
Optus brands Telstra-TPG deal 'uniquely one-sided'

Optus brands Telstra-TPG deal 'uniquely one-sided'

Digital Nation

Case study: AFL kicks goals with its new digital platform
Case study: AFL kicks goals with its new digital platform
Personalisation strategies need to be built from the ground up
Personalisation strategies need to be built from the ground up
Case Study: Good360 deploys NetSuite, Magento and Salesforce
Case Study: Good360 deploys NetSuite, Magento and Salesforce
Case Study: Multicloud business drivers at MLC Life Insurance
Case Study: Multicloud business drivers at MLC Life Insurance
Case Study: EY invests in AI to improve approach to flexible working
Case Study: EY invests in AI to improve approach to flexible working
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.