[BreachExchange] Australian Catholic University breach nets staff details
Destry Winant
destry at riskbasedsecurity.com
Thu Jun 20 10:41:37 EDT 2019
https://www.itnews.com.au/news/australian-catholic-university-breach-nets-staff-details-526849
Unknown number of accounts accessed.
The Australian Catholic University has become the latest tertiary
institution to disclose a recent data breach, with sensitive staff
information being accessed by unknown attackers.
A brief document from acting vice-chancellor Dr Stephen Weller said
the May 22 attack succeeded in compromising a small number of staff
logins through a phishing email, purporting to be from the university
itself.
ACU has seven campuses across Australia, with over 35,000 students enrolled.
The phishing email contained a link to a fake login page that allowed
attackers to intercept staff access credentials.
With the logins at hand, attackers were able to access email accounts,
calendars and bank details of further ACU staffers.
Weller did not say how many ACU staff were affected by the data
breach, but the university has contacted every person involved.
Breached accounts have been reset, too, and ACU's bank notified that
there could be fraudulent activity ahead after the attack.
ACU has also notified the Tertiary Education Quality and Standards
Agency (TEQSA),
the Office of the Australian Information Commissioner (OAIC), and the
Australian Cybercrime Online Reporting Network (ACORN).
Weller warned that ACU logins provide access to a number of university
systems, and that it is important to keep credentials secure.
He advised users not to click on links or opening attachments in
messages from unknown senders, and to avoid re-using ACU credentials
on non-university systems.
Tertiary academic institutions have come under attack recently.
Earlier this month, the Australian National University revealed that
it had discovered an attack that took place in late 2018 that saw 19
years' of data being accessed by a "sophisticated operator".
The Australian National University (ANU) has also been hit by two
major network intrusions since July 2018, possibly by an advanced
persistent threat (APT) nation-state threat actor.
The ANU raids have been cited by Home Affairs Minister Peter Dutton as
a reason to potentially expand the role of the Australian Signals
Directorate from foreign intelligence collection to include domestic
missions.
More information about the BreachExchange
mailing list