Serious data breach hits 20,000 Uni of Tasmania students, prompting credit, privacy concerns
Personal details of all students at a major university were accessible to other students and staff for almost six months.
In a major data security breach, personal details of 20,000 University of Tasmania students – including ethnicity, disability and results – were accessible by other students and staff for almost six months.
The shocking breach, affecting all students enrolled in 2020, has prompted UTAS to notify authorities, hire experts to deal with the aftermath and warn students to consider credit bans.
Tasmania University Union president Braydon Broad said the breach, discovered on August 11 but only confirmed in detail to students on Monday, was creating concern and anxiety.
“We are concerned about the feelings of discomfort our students are going to have at the moment,” Mr Broad, a law student, told The Australian.
“There are going to be a lot of students with emotions about this and obvious valid concerns for their privacy. We are concerned that throughout those previous months students have inadvertently been able to access this data.”
UTAS said the use of the wrong security settings on an internal SharePoint data storage platform had allowed anyone with a UTAS email address to access the data, between February 27 and August 11, 2020.
Information provided to students on Monday suggests this information – which could have been freely accessed by other students and staff – included: full names, personal and university email addresses, mobile and home phone numbers, data of birth, country of birth and citizenship.
It may also have included gender, indigenous and disability status, student ID, ATAR score and student results, as well as course information and full or part time status.
Vice Chancellor Rufus Black revealed UTAS had called in national identity and cyber support service IDCARE to advise and support students in the aftermath of the breach.
Professor Black said the privacy regulator, the Office of the Australian Information Commissioner, had been notified, and a hotline set up for students with concerns.
“On behalf of the university, I sincerely apologise to all students who have been affected by this incident,” he said. “…I encourage anyone with concerns or questions about potential misuse of their person information to contact the support line as soon as possible.”
UTAS information posted to students advised that “a number” of people had accessed the data.
These individuals were being contacted and asked to delete any downloaded files or copies and seek the return of any information they had shared with others.
Minister canes unis over effect of early offers
As year 12 students approach their final exams, one education minister is worried that early university offers have encouraged them to slack off.
Uni debacle was always going to get ugly
Our two oldest universities are both loudly left-wing campuses – they have activist staff and student groups where the party-line is settler-colonist theory – in which Israel as is has no right to exist.