Universities Hit By Data Breaches

Date —

27 Jun 2019

Industry Sector/s —
Higher Education

Summary —

In the past month the Australian National University (ANU) and Australian Catholic University have been hit by data breaches affecting more than 200,000 people. It’s in this environment that providers across the independent tertiary education system are reviewing their data protection protocols.

Key Issues —

Advice of a major data breach that occurred in late 2018 was released by ANU in early June 2019, some two weeks after it was discovered. The university said that there was unauthorised access to significant amounts of personal staff, student and visitor data extending back nineteen years.

Depending on the information provided to ANU, the data accessed may have included names, addresses, dates of birth, phone numbers, personal email addresses and emergency contact details, tax file numbers, payroll information, bank account details, and passport details. Student academic records were also accessed.

Upon identifying that the data breach had occurred, ANU set about working to further strengthen our systems against secondary or opportunistic attacks.

Some two weeks after ANU released public information concerning its unfortunate data breach ACU said that a data breach was discovered on 22 May 2019 and a number of staff email accounts and some University systems had been compromised.

The data breach at ANU originated from a phishing attack: an email pretending to be from ACU tricking users into clicking on a link or opening an attachment and then entering credentials into a fake ACU login page. In a very small number of cases, staff login credentials were obtained successfully via the phishing email and were used to access the email accounts, calendars and bank account details of affected staff members.

These two attacks have highlighted the importance of the tertiary education system being vigilant and proactively working to protect student and staff records. It’s a topical issue and one being considered at the ITEC19 conference to be held over 21-23 August 2019 on the Gold Coast. For conference information visit:


At the ITEC19 Conference Mr Damien Manuel, Chair of the Australian Information Security Association, will make a presentation entitled 'Cyber Threats To Student Data Security.' Precipitously, this presentation was planned before news of the unfortunate data breaches at ANU and ACU was made public.

Mr Manuel’s presentation will highlight the fact that independent tertiary education providers store a great deal of information about their students and it’s not possible to assume this is safe from cyber criminals. In this thought-provoking presentation lean about how student databases and other sources such as email may be subject to theft and what your business can to protect itself, and your students.

In light of the cyber attacks at ANU and ACU that saw the data breaches occur, ITECA advises all independent tertiary education providers to review their data security arrangements.

Member Engagement:

ITECA’s ability to play a lead role in matters associated with this issue rests on the advice and guidance of individuals belonging to the ITECA Higher Education Sector Interest Group.

Further Information:

For more information on this issue please send an email to policy@iteca.edu.au or telephone 1300 421 017.  Stay up to date via Twitter @ITECAust or via Facebook at www.facebook.com/ITECAust.

Disclaimer & Copyright:

The material published on this website page is intended for general information only and is not legal advice or other professional advice.  It may not be reproduced without ITECA’s prior written consent.

Other News

/images/ITECA/News/2019/ITECA Parliamentary Roundtable Shapes-up _thumb.jpg

ITECA Parliamentary Roundtable Shapes-up

The ITECA Parliamentary Roundtable on 11 September 2019 in Canberra provides a platform for dialogue between the independent tertiary education system and key Ministers. More

/images/ITECA/News/2019/2018 VET Government Funding_thumb.jpg

2018 VET Government Funding Data

The latest data on government-funded VET shows that in 2018, 1.1 million students were enrolled in government-funded VET, a decrease of 1.9% compared to the previous year. More

/images/ITECA/News/2019/Higher Education Fee Bills In Parliament_thumb.jpg

Higher Education Fee Bills In Parliament

Legislation introduced into the parliament will impose an annual charge on higher education providers with students entitled to HECS-HELP assistance or FEE-HELP assistance. More