ANU Data Breach – A Must-Read Report Of A “Sophisticated” Attack 


 It seems like there is a steady stream of news regarding data breaches and cyber-attacks in Australia. 

While most of these infringements impact smaller businesses, occasionally there are “major” security issues that affect big organizations and a large number of people. 

Comprehending how these IT breaches occurred can help firms out there to protect their data by ensuring they don’t let the same situation happen to them. For that reason, we have listed here a significant information breach occurred in Australia’s one of the top-ranked universities that have had the biggest impact on people recently.

The Massive Breach – An Outline

The Australian National University (ANU) has confirmed in July-2019 that 19 years of their staff and student records were compromised on 17th May 2019.

With this breach, hackers obtained access to data including names, dates of birth, addresses, phone numbers, email addresses, emergency contact details, academic records, payroll information, tax file numbers, bank account details, and passport details, of more than 200,000 students and staff of the university.

And the question now is… 

What Will Happen With The Stolen Data?   What-Will-Happen-With-The-Stolen-Data

The looted data, involving people’s personal and financial details,  are highly crucial. Generally, when these kinds of information are hacked, there are three likely outcomes:

  1. Pay a hefty ransom: The criminals may ask the victim to pay a ransom to erase the stolen details (or at least say they will!). If you refuse to pay, they will probably release your data to the public.
  1. Public release of data: The hackers may make the data visible to the public without asking for any payment. This is usually done to show off their strength or create utter chaos. Still, the consequences are notably serious in this incident, as it may lead to the creation of fake identities, or valuable intellectual property becoming accessible to competitors or other hackers.
  1. Sell for profit: Data could be sold on the dark web to make a profit, which could be bought and used for fraudulent purposes.

What Makes It Unique?

Something is interesting in this case!

ANU has known it was being targeted for a while now, but still, the university was not able to fend off the data breach.

You might think about why they hadn’t reinforced cyber defences in response. However, the answer is, they probably did, maybe to the best of their capabilities.

Be informed, when you are fighting off elite hackers and those practising “zero-day vulnerability exploits”, your chances of avoiding a hack are limited. 

Zero day-based exploits are vulnerabilities that are exploited straight after the discovery of that weakness, so that, no targeted solutions, such as patches or updates, are available to rectify that.

…Which means, such hackers are hard to stop!

What Can We Learn From This?What-Can-We-Learn-From-This

Based on this matter, we can infer that Prevention, Detection, and Response are three vital steps in the battle against cyber-attackers. 

  • Rather than waiting for the incident report, companies need to have appropriate monitoring to detect any such issues invariably.
  • If your credentials were compromised without your knowledge, chances are high for cybercriminals to sell them on the Dark Web! If you believe you can do nothing in this case, you are wrong! You can have a fair detecting system, which will notify you if any of your credentials are exposed on the Dark Web so that you can respond immediately to it. 
  • All businesses must engage with experienced cyber professionals to enhance their cyber resilience, making them capable enough to respond and recover from a cyber-attack as quickly as possible.

There are a lot more comprehensive approaches you may take towards cybersecurity to ensure that your data and assets are well-protected. To know what they are, reach out to our team of cybersecurity experts now!

Post a Comment