As reported by iTWire, the ANU in Canberra suffered a major data breach with personal details of staff, students and visitors over the past 18 years exposed.
The university only just revealed the breach on Tuesday morning with the Vice chancellor Dr Brian Schmidt saying the breach occurred in late 2018 “when a sophisticated operator accessed our systems illegally”.
Tim Wellsmore, director, Government Security Programs, Asia Pacific at cyber security solutions provider FireEye, says that espionage continues to top the list of cyber security threats to higher education and research institutions in Australia – and these institutions hold extensive information that is valuable to nation-state actors, “including research related to national security, its faculty’s communications and contacts, personal information, and intellectual property”.
In further comment on the ANU security breach, Adam Biviano, Principal Solution Architect at digital identity management platform ForgeRock, said: “Education providers may store and manage millions of consumer data records and thus are finding themselves under a constant barrage of cyber attacks.”
According to Biviano, "personal identity information remains the holy grail of cybercriminals as there are many avenues to profit from it".
“Organisations from all industries can protect identity information by implementing a strong customer identity strategy which includes understanding how it is used and stored across different lines of businesses and ensure that sensitive personal information is only kept on robust infrastructure.
"Not only does a breach impact a business with the potential to inflict brand damage and reduce revenues, it can also see impacted customers pay a hefty personal price given they may now be directly in the sights of the perpetrator as they look to cash in.
"Protecting customer data must be a top priority for enterprises of all types and industry sectors, as the evidence is clear that cyber criminals show no sign of slowing down."