The Australian National University (ANU) has discovered a data breach that involves sensitive information, including students' bank account numbers and passport details going back 19 years. The university published the details on the breach in a statement on its homepage on June 4th.
ANU is Australia's best university, according to World University Rankings, and historically sees many of its graduates go on to hold senior government positions. A fact that magnified concern and security sensitivities over the data breach.
The university said it had only discovered the breach a fortnight ago and that a “significant” amount of staff and student information was accessed in the cyber-attack that was carried out by "a sophisticated operator."
British newspaper the Guardian reported that ANU confirmed an estimated 200,000 people were affected by the hack, based on student numbers each year and staff turnover.
Vice-chancellor Brian Schmidt sent a message to students and staff, explaining that someone illegally accessed the university’s systems in late 2018. “We believe there was unauthorised access to significant amounts of personal staff, student and visitor data extending back 19 years,” Schmidt wrote.
The high-profile careers of some of said former students are also the reason Fergus Hanson suspects as motivation behind the attack. The head of the International Cyber Policy Centre at think-tank the Australian Strategic Policy Institute said, "National community agencies are recruiting directly out of ANU," according to Reuters.
"To have information around particular people who are working in different departments...that would be very useful," Hanson added.
Another attempted cyber-attack was disclosed by ANU in July last year but reported to have failed to gather sensitive information. Australia's cyber intelligence agency said it was investigating who was behind the attack.