This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

TAFE SA

Summary

TAFE SA disclosed in April 2023 that credentials for 2,224 students enrolled between 2016 and 2021 were stolen in a data breach discovered by SA Police during an unrelated investigation. The breach was first discovered in March 2022 when police found scanned copies of TAFE SA student identification forms on a seized USB device. The stolen identification forms included driver's licences and passports for enrolments prior to 2021 across all campuses, though 87% of the breached credentials had expired. TAFE SA and the South Australian Government covered the fees for document replacements for affected students.

What Happened

South Australia Police discovered copies of TAFE SA student identification documents during an unrelated investigation. In March 2022, police informed TAFE SA that they had found copies of documents containing details of 24 students on a USB device seized during their investigation.

In November 2022, TAFE SA was provided with an additional USB device containing 3,000 lines of data, significantly expanding the known scope of the breach. The identification forms included scanned copies of driver's licences and passports that students had submitted during enrolment between 2016 and 2021.

The breach was publicly disclosed in April 2023, more than a year after TAFE SA first became aware of the issue. The method by which the documents were initially stolen from TAFE SA systems and placed onto the USB devices found by police was not publicly detailed, though the circumstances suggest potential insider access or theft.

Impact on Individuals

A total of 2,224 students enrolled between 2016 and 2021 across all TAFE SA campuses were affected by the breach. The stolen identification forms included driver's licences and passports—government-issued identity documents that can be used for identity theft and fraud.

However, the impact was somewhat mitigated by the age of the documents: 87% of the breached credentials had expired by the time the breach was disclosed in 2023. Expired identity documents are less useful for fraudulent purposes, though the personal information on them (names, dates of birth, addresses, document numbers) remains permanent and could still be used in conjunction with other breached data.

For the 13% of students whose credentials had not expired, the risk was higher, as current identity documents could potentially be used to open accounts, apply for credit, or conduct other fraudulent activities.

Organisational Response

TAFE SA contacted all 2,224 affected students to inform them of the breach. Recognising the serious nature of identity document exposure, TAFE SA and the South Australian Government agreed to cover the fees for replacement documents for students who needed new driver's licences or passports.

The year-long gap between first learning of the breach (March 2022) and public disclosure (April 2023) raised questions about notification timing, though this delay may have been related to the ongoing police investigation that led to the breach's discovery.

TAFE SA reviewed its data handling and storage practices to prevent similar incidents in future and worked with authorities to understand how the documents were removed from its systems.

Verification Source: View original statement