QUT hack detailed
Over 11,000 QUT employees, students and former staff have been affected by a cyber attack.
QUT - one of Queensland's largest tertiary institutions - recently revealed that thousands of people associated with the university potentially had their personal data compromised by a ransomware attack that occurred late last year.
A note from the hackers in December said: “Your critical data was not only encrypted but also copied”, warning it could be published online unless a “modest royalty” was paid.
The university became aware of the cyber attack after campus printers began to spit out ransomware notes in bulk, leading the university to shut down a number of its IT systems as a precaution.
Back then, QUT believed just 2,500 current staff and some former staff at the university had their personal data stolen, but the university has now revealed updated details of those affected and apologised for the impacts.
The latest statement reveals that a total of 11,405 people were impacted by the Royal Ransomware cyber-attack - including 2,492 current university staff and 8,846 former staff.
QUT says 17 current students and 50 former students have been hacked, and that 3,820 people’s tax file numbers had been breached.
“After detailed forensic analysis we did establish late last month that the cybercriminals managed to access a number of files on an internal storage drive, some of which included personal information of current and former employees and students,” it said in a statement.
“Firstly, QUT is disappointed and sorry that this cybercrime has potentially impacted on our staff and former staff. It is important to note the security of our HR, student or financial systems was not compromised or accessed by the cyber criminals,” the statement said.
“We also have no evidence to date of any further illegal activity in relation to the data that may have been accessed by the cyber criminals.
“The information was in storage files only accessible to a limited number of authorised personnel.
“Going forward we will accelerate our use of more secure, cloud-based and other forms of storage.
“We have commenced [a] further review and monitoring of all systems and storage to ensure that they are managed in accordance with the relevant legislative requirements for retention and record keeping and will review and update if necessary QUT retention and records policy and practices.”
QUT says it has ramped up security measures and asked staff and students to reset passwords since the attack, while also adding extra verification steps for those working and studying from home.
“We have also implemented additional expert monitoring and validation mechanisms,” the statement said.
“At every stage of our response we have been in regular communication with staff students and all relevant Queensland and Federal authorities.”
QUT vice-chancellor Professor Margaret Sheil says the university has found the vulnerability that allowed it to be hacked.
“We understand how this happened, what the particular vulnerability was, we have addressed that,” she said, claiming to be confident this “scenario of events” will not happen again.
“Can I be confident that we won't be subject to further attacks? I can't, I can never be that confident,” she said.
“They are very active, these kinds of criminals, and we are not the only ones being targeted.”