The data of students at a major Australian university was stolen, the university has confirmed.
Queensland University of Technology confirmed on Friday that 67 students “may” have been impacted by a cyber attack last month, along with fewer than 2500 current stuff and a number of former staff.
WATCH THE VIDEO ABOVE: New figures show Australia’s cyberspace is coming under increasing attack.
Watch the latest news and stream for free on 7plus >>
Students were alerted to the news in an email, informed that 17 current students had been affected alongside 50 former students. They were told those affected would be notified personally.
In QUT’s 2021 Annual Report, they reported a cohort of 53,253 students and identified over 4500 staff members, meaning over half of their staff were affected by the cyber attack.
The data compromised in the attack included “some personal information for staff and students that could assist in identity theft”, a spokesperson said.
Staff were informed in an email that information stolen included:
- Date of Birth
- Tax File Number
- Residential address
- UniSuper member number
- Bank account name
- Banking institution
- BSB number
- Bank account number
“QUT is unaware of any of the data being exploited, or even necessarily accessed, by criminal elements,” the spokesperson said.
The spokesperson said the university’s cybersecurity team has been working on the past few weeks to prevent further issues.
QUT Vice-Chancellor Professor Margaret Sheil said QUT had commenced contacting those impacted and these efforts will continue into next week.
The university’s investigations showed one storage drive was compromised by the cyber attack.
“Systems used for teaching, research, student management, financial and personnel management and email have not been compromised,” the spokesperson said.
These systems were taken offline following notification of the attack.
During the cyber attack, several printers began producing suspicious messages in bulk and students were instructed not to interact with the printers until further notice.
The messages say the university’s system has been “hit”.
“Most likely what happened was that you decided to save some money on your security,” it reads.
“Alas, as a result, your critical data was not only encrypted but also copied.
“From there it can be published online. Then anyone on the internet from darknet…and even your employees will be able to see your internal documentation.”
The message then demanded money in return for data.
“We are obviously concerned that the attack accessed stored document files and QUT is taking all necessary actions to support those affected to prevent further illegal activity,” Sheil said.
“We have, and will continue to, directly communicate with each of the individuals, offering support through access to independent identity protection and services such as IDCARE and Equifax as well as our own wellbeing support.”
Equifax was hacked in 2017, with over 147 million American citizens affected, 15 millions Britons and approximately 15,000 Canadians.
QUT campuses reopened on January 3, 2023 with orientation for the university’s first semester starting on February 20.