This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Australian National University

Summary

The Australian National University suffered a sophisticated cyber attack that compromised its network systems over several months. The breach, disclosed in June 2018, exposed personal information of up to 200,000 students, staff, and visitors dating back 19 years. ANU described the attack as state-sponsored, with the intruders having access to highly sensitive data including tax file numbers, passport details, and bank account information.

What Happened

Sophisticated attackers gained unauthorised access to ANU's network systems and maintained access for several months before detection. The university's cybersecurity team discovered the intrusion and spent months containing the threat and securing systems. The attackers targeted ANU's enterprise systems, which held extensive personal and financial records accumulated over nearly two decades. The university did not publicly disclose specific technical details of how the initial breach occurred, but characterised it as a sophisticated, persistent attack consistent with nation-state capabilities.

Impact on Individuals

The breach exposed an extensive range of sensitive personal information, creating significant risks for affected individuals:

  • Identity theft risk: Tax file numbers, passport details, and dates of birth could be used to open fraudulent accounts or apply for credit
  • Financial fraud: Bank account numbers and payroll information could enable unauthorised transactions
  • Long-term exposure: Records dating back 19 years mean some affected individuals may no longer be associated with ANU
  • Employment records: Historical employment data and academic records were potentially compromised

Affected individuals were advised to:

  • Monitor bank accounts and credit reports for suspicious activity
  • Be alert to phishing attempts using their personal information
  • Consider credit monitoring services
  • Update passwords for ANU and other accounts

Organisational Response

ANU took immediate action upon discovering the breach:

  • Engaged the Australian Signals Directorate and Australian Federal Police
  • Implemented enhanced security measures to contain and eliminate the threat
  • Conducted a comprehensive review of systems and data holdings
  • Notified affected individuals through multiple channels
  • Established dedicated support services for affected staff and students
  • Committed to significant investment in cybersecurity infrastructure

The university acknowledged the severity of the breach and apologised to affected individuals. ANU's Vice-Chancellor described it as one of the most sophisticated attacks targeting an Australian institution.

Response and Investigation

The Australian Signals Directorate's Australian Cyber Security Centre assisted ANU in the response and investigation. The breach prompted broader discussions about cybersecurity at Australian universities and research institutions, with concerns raised about the vulnerability of sensitive research data and the targeting of academic institutions by nation-state actors.

Verification Source: View original statement