Report on Breach at Australian National University

by
Fnord666
from SoylentNews on (#4S84M)

An Anonymous Coward writes:

ANU shares knowledge on major breach into systems that exposed 19 years of staff and student records.

In early November 2018, a sophisticated actor gained unauthorisedaccess to the ANU network. This attack resulted in the breach ofpart of the network known as the Enterprise Systems Domain (ESD),which houses our human resources, financial management, studentadministration and enterprise e-forms systems.

By gaining access to ESD, the actor was able to copy and steal an unknown quantity of data containedin the above systems. There is some evidence to suggest the same actor attempted to regain accessto ESD during February 2019, but this second attack was ultimately unsuccessful.

[...] At the time of the public announcement, ANU was not able to ascertain how much data or specificallywhich fields might have been accessed. As such it was assumed that all data, dating back some19 years, had been potentially affected and reported as such to err on the side of caution. More recentforensic analysis has been able to determine that the amount of data taken is much less than 19 years'worth; although it is not possible to determine how many, or precisely which, records were taken. Thisanalysis is based on duration of exfiltration activity and known, albeit incomplete, data volumes.

ANU worked closely with, and reported findings to, the Australian Cyber Security Centre (ACSC)and the Office of the Australian Information Commissioner (OAIC), before public notification. Duringthe intervening two weeks between the detection of the breach and the public announcement onTuesday 4 June 2019, we implemented a range of additional security controls inside ESD and thebroader network - many of these activities were to expedite hardening measures already scheduledfor implementation.

Page has more background:
https://www.anu.edu.au/news/all-news/data-breach

Report in pdf:
https://imagedepot.anu.edu.au/scapa/Website/SCAPA190209_Public_report_web_2.pdf

Original Submission

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments