ANU confirms mass data breach spanning 19 years

Australian National University

Australia's top-ranked university has confirmed it suffered a massive data breach leaking students' bank and passport details.

The Australian National University (ANU) said that it discovered evidence of a hack two weeks ago, conducted by a "sophisticated operator", and the records stolen belonged to students dating back 19 years, according to Reuters.

"Depending on the information you have provided to the university, this may include names, addresses, dates of birth, phone numbers, personal email addresses and emergency contact details, tax file numbers, payroll information, bank account details, and passport details, said Brian Schmidt, ANU vice-chancellor.

"Student academic records were also accessed."

It's the second attack the university has reported in a year, the first of which occurred in July 2018. In that incident, attackers attempted to steal sensitive information but were unsuccessful. Reports at the time attributed the attack to a group operating out of China.

The university is home to a range of defence-focused research units and it reportedly spent months fighting off attackers which authorities tracked to China.

Back in March, security researchers pointed fingers at China again for targeting universities that played host to maritime defence research teams, most of which were based in the United States.

"We're working closely with Australian government security agencies and industry security partners to investigate further," said Schmidt. "The university has taken immediate precautions to further strengthen our IT security and is working continuously to build on these precautions to reduce the risk of future intrusion."

The university's CISO issued guidance to students that could have been affected by the breach which included changing to a distinctive password for each service, remaining hyper-aware of phishing emails and using a VPN on unsecured networks such as hotel and airport Wi-Fi.

China has continuously denied being involved with any hack attacks on other nations, a position it's been forced to defend numerous times. Australia's cyber security agency blamed a foreign intelligence service for a malware hack on the country's weather bureau in 2015 and the theft of spy-office blueprints.

"We have observed Chinese state-sponsored attackers target research institutions in Australia in recent years, and we have observed other state-sponsored groups targeting these institutions in Asia," said Tim Wellsmore, APAC director of government security programs at FireEye, speaking to the Guardian.

China has been attributed to a range of other cyber attacks over the past year; the infamous Marriott hotel data breach was allegedly carried out by the Chinese authorities. The interception of thousands of EU communication cables as a result of a cyber attack was also believed to be linked to China.

Connor Jones

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.