ACU discloses data breach

By Dylan Bushell-Embling
Tuesday, 18 June, 2019

ACU discloses data breach

The Australian Catholic University has become the latest Australian university to report a data breach on its systems.

The cyber attack compromised “a number of staff email accounts and some university systems”, the university’s Acting Vice Chancellor Dr Stephen Weller said in an advisory.

According to Weller, the breach initiated from a phishing attack targeting ACU staff login credentials, which was successful in “a very small number of cases”. The attackers used the login credentials to access their victims’ email accounts, calendars and bank account details.

The ACU has now contacted each person identified as being directly affected and reset their online accounts, and has sent notifications to its bank, the Tertiary Education Quality and Standards Agency (TEQSA), the Office of the Australian Information Commissioner (OAIC) and the Australian Cybercrime Online Reporting Network (ACORN).

The ACU’s disclosure comes two weeks after the ANU disclosed it had been the target of a data breach affecting large numbers of current and former staff, students and visitors. The Australian intelligence community reportedly considers the Chinese government to be the main suspect in that “sophisticated” attack.

In addition, the Auditor General of New South Wales last week published a report into risks faced by the state’s universities, which found that seven of the state’s 10 major universities experienced at least one cyber incident in 2018. But the audit uncovered significant deficiencies in the universities’ IT internal controls.

“Once again, the education sector finds itself in the crosshairs of determined cybercriminals. Universities are an alluring target for cybercriminals given the sheer amount of data records they store and manage,” commented Adam Biviano, Senior Manager for Solution Architecture at identity and access management solutions provider ForgeRock.

“With today’s threat landscape in constant evolution, organisations need to consider context aware intelligent authentication options which are stronger than passwords without the additional friction of conventional multifactor systems.”

Image credit: ©iconimage/Dollar Photo Club

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.

Related News

Lack of leadership buy-in biggest obstacle to digital trust: report

A new report from ISACA says that many organisations say that in five years digital trust will be...

Lack of customer confidence affecting security strategies: report

A survey from LogRhythm finds three-quarters of ANZ companies changed their security strategy...

IMT sector was Australia's most targeted in 2023: report

The information, media and technology sector has been the Australian industry most targeted...

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd