This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Australian National University

Summary

The Australian National University (ANU) disclosed a sophisticated cyber attack in June 2019 that had been ongoing since at least late 2018. The breach, assessed by security agencies to be state-sponsored, accessed systems containing 19 years of staff, student, and visitor data dating back to 2000. This represents one of the most serious breaches of an Australian educational institution, affecting Australia's most prestigious university and raising concerns about targeting of future government leaders.

Attack Vector

Hacking (State-Sponsored). A highly sophisticated state actor, widely reported to be linked to China, maintained persistent access to ANU systems for an extended period. The attackers used advanced techniques to avoid detection and accessed multiple systems containing current and historical records. The attack targeted one of Australia's leading research institutions, which has educated numerous Australian government officials, intelligence officers, military personnel, and political leaders, making the stolen data potentially valuable for foreign intelligence profiling and recruitment operations.

Consumer Impact

  • Massive Scope: 19 years of data exposed, affecting current students, staff, alumni, and visitors
  • Highly Sensitive Data: The breach included passports, tax file numbers, bank details, and academic records
  • National Security Implications: For those who went on to work in government, defence, or intelligence roles, the compromised data could enable foreign intelligence services to build comprehensive profiles for targeting, recruitment, or blackmail operations
  • Research Community: The attack on a major research university raised concerns about intellectual property theft and targeting of researchers

Response

ANU Vice-Chancellor Brian Schmidt publicly acknowledged the breach and expressed the university's determination to strengthen cybersecurity. ANU immediately engaged the Australian Signals Directorate (ASD) and Australian Cyber Security Centre (ACSC) to lead the forensic investigation and response. The university implemented a complete rebuild of affected IT systems, enhanced security monitoring, and began the lengthy process of notifying potentially affected individuals spanning nearly two decades. Free identity protection services were offered to the university community. The incident prompted national discussions about the vulnerability of Australian educational institutions to state-sponsored cyber espionage.

Verification Source: View original statement