ANU data breach stretching back 19 years detected
06 Jun 2019
The Australian National University has been hit by a massive data hack, with unauthorised access to significant amounts of personal details dating back 19 years.
A sophisticated operator accessed the ANU's systems illegally in late 2018 but the breach was only detected two weeks ago, the university said in a statement.
Based on student numbers over that time, as well as staff turnover, the university has estimated approximately 200,000 people were affected by the breach.
"We believe there was unauthorised access to significant amounts of personal staff, student and visitor data extending back 19 years," ANU vice-chancellor Brian Schmidt said.
"Depending on the information you have provided to the university, this may include names, addresses, dates of birth, phone numbers, personal email addresses and emergency contact details, tax file numbers, payroll information, bank account details, and passport details. Student academic records were also accessed."
However, Professor Schmidt said the hack had not accessed credit card details, travel information, medical records, police checks, workers' compensation information, vehicle registration numbers, and some performance records.
Research work also appeared to be unaffected. Professor Schmidt said the ANU had known about the hack for about two weeks but had only made it public after protecting the system from further "secondary or opportunistic attacks".
"The university has taken immediate precautions to further strengthen our IT security and is working continuously to build on these precautions to reduce the risk of future intrusion," he said.
"The chief information security officer will be issuing advice shortly on measures we can all take to better protect our systems, and I strongly encourage you all to implement those measures.
"I assure you we are taking this incident extremely seriously and we are doing all we can to improve the digital safety of our community. We are all affected by this and it is important we look after one another as our community comes to terms with the impact of this breach."
'Quite a few students end up in Federal Government'
News of the breach comes months after another cyber security breach at the university, but ANU insisted then that no data was compromised.
Professor Schmidt said IT security upgrades put in place as a result of that attack had helped detect this incident.
The Australian Signals Directorate said the hack appeared to be the work of a sophisticated actor and confirmed it was working with ANU to secure the networks, protect users and fully investigate the breach.
"This compromise is a salient reminder that the cyber threat is real and that the methods used by malicious actors are constantly evolving," an ASD spokesperson said.
The ASD said it was too soon to draw a connection between this hack and other security breaches.
Cyber security expert Tom Uren, a senior analyst at the Australian Strategic Policy Institute, said it was too early to say who was behind the attack but suggested China was the most likely culprit.
"They have a history of stealing large data sets and the theory is that they're putting these together to try and build a picture of people of interest to use for either counter-intelligence or intelligence purposes," he said.
"I've also heard the theory that the Chinese are interested in foreign universities because they've got a large number of overseas students … and universities are traditionally a hotbed of radicalism and that's a concern for the Chinese state."
Universities were good places to keep track of people's histories, he said.
"I imagine quite a few university students from ANU end up in federal government," he told the ABC in August 2018.
"Inevitably some of them will become important people down the track."
Member for Fenner and former shadow assistant treasurer Andrew Leigh, who was an economics professor at ANU, said he was concerned but unsurprised by the breach.
"I'm certainly troubled by it, but no more than I imagine many ANU staff and students are feeling right now," he said.
"As a parliamentarian I feel as though a lot of what I do is already in the public eye."
Personal details and research valuable to hackers
Dr John Blaxland, a professor of intelligence studies at ANU's Strategic and Defence Studies Centre, also suggested the university was an attractive hacking target — both for its research and information about staff and students.
"If you can't access the research work itself, because it appears that sufficient protective measures have been put in place … you would want to then go for the personal details," he said.
While the culprit has not been identified, Dr Blaxland said there were "several nation states" with the ability to carry out a hack at this scale, as well as other non-state actors.
In his view, such incidents suggest that conditions are being set for Australia to become increasingly vulnerable to "international pressure, blackmail, subversion" — terms he thought had gone out of fashion with the Cold War.
"We don't know exactly how it happened, and we know that it's now becoming very difficult to prevent a determined, institutional hacking endeavour," he said.
"There are nation states that can throw an enormous amount of resources, if they focus their energies on a target like ANU, that make it very difficult to defend against."
Former student Dr Valerie Kane said she was not surprised the university had been targeted.
"But I was a little bit concerned about the level of detail they've now got because they have all of our personal information," she told the ABC.
"I was mostly concerned about my tax file number. The other things are probably things you can get publicly anyway."