University of Western Australia staff, students ‘locked out' of accounts after passwords compromised by data breach
The University of Western Australia (UWA) confirmed details of the cyber-security incident that rocked their Perth campus at the weekend.
In a post on the UWA website, the university wrote that all staff and students were required to reset their passwords.
'The University has detected unauthorised access to university password information. As a security measure, all staff and students have been locked out of UWA systems and are required to reset their passwords to gain access,' the message on the home page reads.
'We do not believe any other information has been accessed; however, we are continuing to investigate this incident as our highest priority.'
A similar message was shared to the university's Facebook page.
In a statement, a UWA spokeswoman said: 'The University of Western Australia is investigating and addressing a cybersecurity incident involving unauthorised access of university password information.'
'We detected this activity and our cyber experts and advisors quickly swung into action,' the spokeswoman said.
'This incident is being treated with the highest priority and there is currently no evidence further information has been accessed.
'The University immediately took preventative action to maintain security and is notifying its staff and students regarding these countermeasures, and we have notified the appropriate authorities. The University apologises for any inconvenience related to this incident.'
Speaking to ABC Radio Perth, UWA chief information officer Fiona Bishop said a 'critical incident management team' was deploying countermeasures.
She told the program that teams from the university worked 'tirelessly' overnight on Saturday and through the weekend to mitigate the situation.
'We've already moved on to recovery and investigation,' she said.
Ms Bishop said there was no evidence any information aside from passwords had been accessed.
'We're very mindful of the impact on students that action took,' she said.
'We're working feverishly to ensure everyone can log on.'
A three-day extension has been provided to students in light of the data breach.
The attack comes just days after the Australian Information Commissioner announced it was launching legal action against Optus for allegedly failing to protect the data of 9.5 million people in an unrelated, more embarrassing data breach in 2022.
The lawsuit alleges that from on or around October 17, 2019 to September 20, 2022, Optus seriously interfered with the privacy of about 9.5 million Australians by failing to take reasonable steps to protect their personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure.
The case is being pursued as an alleged breach of the Privacy Act 1988.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
News.com.au
2 hours ago
- News.com.au
Missing one-year old Hariet Kamlade was last seen near Orange in central NSW
A desperate search is underway to locate a one-year-old girl who is missing from her home in a small regional town and may be with a man and woman known to her. Hariet Kamlade was last seen on Ridell St in Molong, about 35km northwest of Orange in Central NSW about 5pm on Tuesday, NSW Police said. Police have serious concerns for Harriet's welfare due to her young age and a health condition that requires regular medication. Harriet was last seen wearing a pink top, blue and grey pants and white shoes. She is described as caucasian, about 70cm tall with a thin build, blonde hair and blue eyes. Police have been told Harriet may in the company of a man and woman both related to her. A police spokesman said the man is aged in his 60s, caucasian, about 175cm tall, of a medium build, with short grey hair and brown eyes. 'The woman is described as being aged in her 30s, of caucasian appearance, about 170cm tall, of a thin build, with black hair and brown eyes,' a NSW Police spokesman said. 'As part of ongoing inquiries, police believe the toddler travelled to the Dubbo area with the man and woman and may still be in that area.'
The Australian
3 hours ago
- The Australian
Nearly half of Aussie internet users smashed by scammers last year
Nearly half of Australian internet users fell victim to cybercrime last year, according to a new report, with only a quarter of respondents admitting they regularly updated their passwords. The Cybercrime in Australia: 2024 report, released by the Australian Institute of Criminology, found that 47 per cent of respondents experienced cybercrime over the last 12 months. Online abuse and harassment was the most common type of cybercrime, sitting at 26.8 per cent. This was followed by identity crime and misuse (21.9 per cent), malware (20.6 per cent), and fraud and scams (9.5 per cent). A quarter of respondents also reported experiencing a data breach. Nearly half of Australian internet users fell victim to cybercrime last year. Picture: Supplied. The report found only about a quarter of Aussies were regularly updating their passwords, including emails, banking, online stores and social media. About the same amount of people used a secure password manager, while more than 50 per cent of respondents reported using a different password for online secure accounts like banking. 'Many respondents are not taking simple but important steps to improve their online safety,' the report stated. Some of the most common passwords used at work include 'password', '123456', 'qwerty' and 'boobies', according to NordVPN. Minister for Home Affairs and Cyber Security Tony Burke said the research would help ensure the government's response to cybercrime was 'evidence-based, targeted, and effective'. 'Remember these three simple steps to stay safe online – always install the latest software updates, use unique passphrases, and enable multi-factor authentication wherever it's available,' Mr Burke said. The reminder follows the federal government's 'Act Now. Stay Secure' campaign, which aims to arm Aussies with online safety strategies. Tony Burke reminded Aussies to stay safe online. Picture: NewsWire / Gary Ramage The Australian Strategic Policy Institute (ASPI) in May claimed that cybercriminals viewed Australia as 'lucrative and underprepared', citing a conversation between a hacker and ABC's John Lyons in a 2023 Four Corners episode. 'Australians are the most stupidest humans alive … and they have a lot of money for no reason, a lot of money and no sense at all,' the hacker reportedly said over the encrypted app Telegram. The hacker claimed he was part of REvil, a Russian cybercrime gang, and alleged REvil were involved in the hack. 'While offensive, the comment points to a broader perception among cybercriminals: Australia is lucrative and underprepared,' the ASPI article read. Online abuse and harassment was the most common type of cybercrime. Picture: Supplied. The Australian Information Commissioner (AIC) has launched civil proceedings in the Federal Court against Medibank over the 2022 hack. The AIC alleged Medibank 'seriously interfered with the privacy of 9.7 million Australians' by failing to take reasonable steps to protect its information. The civil case is before the Federal Court of Australia. A case management hearing is set for November 21. Clareese Packer Reporter Clareese is a Court Reporter at NewsWire. She previously covered breaking news for the outlet after completing the 2023 NewsCorp cadet program, where she worked at The Australian, The Daily Telegraph, the National News Network and NewsWire. Clareese Packer
News.com.au
3 hours ago
- News.com.au
Nearly half of Aussie internet users smashed by scammers last year
Nearly half of Australian internet users fell victim to cybercrime last year, according to a new report, with only a quarter of respondents admitting they regularly updated their passwords. The Cybercrime in Australia: 2024 report, released by the Australian Institute of Criminology, found that 47 per cent of respondents experienced cybercrime over the last 12 months. Online abuse and harassment was the most common type of cybercrime, sitting at 26.8 per cent. This was followed by identity crime and misuse (21.9 per cent), malware (20.6 per cent), and fraud and scams (9.5 per cent). A quarter of respondents also reported experiencing a data breach. The report found only about a quarter of Aussies were regularly updating their passwords, including emails, banking, online stores and social media. About the same amount of people used a secure password manager, while more than 50 per cent of respondents reported using a different password for online secure accounts like banking. 'Many respondents are not taking simple but important steps to improve their online safety,' the report stated. Some of the most common passwords used at work include 'password', '123456', 'qwerty' and 'boobies', according to NordVPN. Minister for Home Affairs and Cyber Security Tony Burke said the research would help ensure the government's response to cybercrime was 'evidence-based, targeted, and effective'. 'Remember these three simple steps to stay safe online – always install the latest software updates, use unique passphrases, and enable multi-factor authentication wherever it's available,' Mr Burke said. The reminder follows the federal government's 'Act Now. Stay Secure' campaign, which aims to arm Aussies with online safety strategies. The Australian Strategic Policy Institute (ASPI) in May claimed that cybercriminals viewed Australia as 'lucrative and underprepared', citing a conversation between a hacker and ABC's John Lyons in a 2023 Four Corners episode. 'Australians are the most stupidest humans alive … and they have a lot of money for no reason, a lot of money and no sense at all,' the hacker reportedly said over the encrypted app Telegram. The hacker claimed he was part of REvil, a Russian cybercrime gang, and alleged REvil were involved in the hack. 'While offensive, the comment points to a broader perception among cybercriminals: Australia is lucrative and underprepared,' the ASPI article read. The Australian Information Commissioner (AIC) has launched civil proceedings in the Federal Court against Medibank over the 2022 hack. The AIC alleged Medibank 'seriously interfered with the privacy of 9.7 million Australians' by failing to take reasonable steps to protect its information.
