This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

VETtrak

Summary

VETtrak, a Melbourne-based student management software platform owned by ReadyTech, suffered a ransomware attack on 16 October 2025 that caused extended outages impacting multiple education providers across Australia. The Lynx ransomware gang was reportedly behind the attack, which affected student personal information and resulted in some documents being published on the darknet. Government agencies including Tasmanian education, health, and fire services departments were among the impacted organisations.

What Happened

On 16 October 2025, VETtrak announced an outage impacting multiple services. By 17 October 2025, the company confirmed a cyber attack had affected the VETtrak student management platform. An anonymous source reported that VETtrak had received a ransom note from the Lynx ransomware gang. Education providers using the system were unable to access it, in full or in part, from 17 October onwards. On 24 October 2025, ReadyTech confirmed that some documents had been published on the darknet, affecting the personal information of some students.

Impact on Individuals

The breach affected students whose information was managed through the VETtrak platform, along with education providers dependent on the system. Multiple Tasmanian government agencies were impacted, including the Department for Education, Children and Young People, the health department, and the fire and services department. The extended system outage prevented education providers from accessing critical student management functions.

Organisational Response

ReadyTech, VETtrak's parent company, disclosed the cyber incident and confirmed the impact on student personal information on 24 October 2025. The company sought an injunction from the Supreme Court of New South Wales to prohibit any access to, disclosure of, or dissemination of data involved with the cyber incident by third parties. ReadyTech worked to restore services whilst investigating the full scope of the breach.

ReadyTech sought an injunction from the Supreme Court of New South Wales to prevent third parties from accessing, disclosing, or disseminating data involved in the cyber incident.

Verification Source: View original statement