11,405 staff, students caught up in QUT’s cyber attack
Personal information including bank details and tax file numbers of more than 11,400 current and former staff and students has been potentially impacted in a major cyber attack, QUT has confirmed.
Tertiary
Don't miss out on the headlines from Tertiary. Followed categories will be added to My News.
Personal information including bank details and tax file numbers of more than 11,400 current and former staff and students has been potentially impacted in a major cyber attack, QUT has confirmed.
A Queensland University of Technology spokeswoman has revealed the full extent of the fallout from the ongoing December cyber-attack which shut down systems and delayed exams.
A total of 11,405 people were impacted by the Royal Ransomware cyber incident which includes 2492 current QUT staff, 8846 former staff, 17 current students and 50 former students.
The spokeswoman said there was no evidence to suggest any further illegal activity in relation to the data accessed by the cyber criminals.
A former staff member told The Courier-Mail that the personal information accessed included names, date of births, tax file numbers, residential address, gender, unisuper details and bank details like institution, BSB and account numbers.
The QUT spokeswoman said the information accessed ranged from a single bank account number and included information such as tax file numbers.
“Of the total of 11,405, tax file numbers were impacted for 3820 individuals,” the spokeswoman said.
“It is important to note the security of our HR, student or financial systems was not compromised or accessed by the cyber criminals.”
The spokeswoman said a forensic analysis late last month established that the cyber criminals were able to access several files on an internal storage drive, which included people’s personal information.
She said the organisation was “disappointed and sorry” that the cybercrime had potentially impacted the staff and students.
The initial response led to QUT beefing up its security measures which included additional verification steps, restoration of impacted systems and implementing expert monitoring mechanisms.
“The information was in storage files only accessible to a limited number of authorised personnel,” the spokeswoman said.
“Going forward we will accelerate our use of more secure, cloud-based and other forms of storage.
“We have commenced further review and monitoring of all systems and storage to ensure that they are managed in accordance with the relevant legislative requirements for retention and record keeping and will review and update if necessary QUT retention and records policy and practices.”
QUT vice-chancellor Professor Margaret Sheil said the university had begun contacting staff and students who had been impacted.
“We are obviously concerned that the attack accessed stored document files and QUT is taking all necessary actions to support those affected to prevent further illegal activity,” she said.
More Coverage
Treasury Casino to be transformed into new university campus
Exclusive new renders have revealed what Brisbane’s historic Treasury Casino will look like, as it’s new owners Griffith University reveal the next move. FIRST LOOK
Sweeping changes to QTAC following offer round debacle
Crisis management training will be brought into the state’s tertiary admissions centre as it aims to avoid a repeat of last year’s offer round chaos which left thousands of students in limbo.