Following recurrent breach reports from three American universities, the Oregon State University, Graceland University, and Missouri Southern State University, another university confesses a similar security incident. This time, the report comes from Australia. Reportedly, the Australian Catholic University (ACU) fell victim to a phishing attack affecting several employees. As a result, the university suspects breach of employee data and other details.
Australian Catholic University Suffered Phishing Attack
Reportedly, the Australian Catholic University suffered a cyber attack that resulted in a data breach. The university discovered the breach on May 22, 2019, after it identified a massive phishing attack targeting numerous staff accounts and University systems. ACU has disclosed the details in a post published on their official website.
As stated in the post by the Acting Vice-Chancellor of the University, Dr. Stephen Weller, the phishing attack tricked the employees to reveal their account credentials.
The data breach originated from a phishing attack: an email pretending to be from ACU tricking users into clicking on a link or opening an attachment and then entering credentials into a fake ACU login page.
This incident, though affected a small number of users, allowed the attackers gain access to other information.
In a very small number of cases, staff login credentials were obtained successfully via the phishing email and were used to access the email accounts, calendars and bank account details of affected staff members.
Nonetheless, the post does not state any precise number of individuals affected during this incident. Nor does the University reveal the timings and duration of the attack, only that they discovered it on May 22nd 2019.
ACU Contained The Attack
Following the discovery of the breach, the University quickly took measures to contain the attack. They notified the affected individuals of the breach and reset their accounts. The University also informed the relevant law enforcement and security agencies to investigate the matter.
Apart from employing security measures, ACU also reinstated the importance of cybersecurity awareness among the staff.
We also recognise the importance of cyber security awareness for students and staff and are reviewing ACU’s cyber security awareness programs.
In addition, they also reiterate the known precautionary steps for the staff to maintain their online security. This includes keeping the passwords secure, avoiding to share passwords, avoiding to click to links or attachments in emails from unknown senders, and staying vigilant while answering phone calls. Moreover, they also advise not to use ACU account credentials on non-ACU accounts.
Take your time to comment on this article.