You have 0 free articles left this month.
Register for a free account to access unlimited free content.
Powered by MOMENTUM MEDIA
lawyers weekly logo

Powered by MOMENTUMMEDIA

For breaking news and daily updates, subscribe to our newsletter.
Advertisement

WA university forces students to change passcodes following cyber attack

The University of Western Australia (UWA) has forced its students and staff to change their passwords after suffering a cyber attack affecting thousands.

WA university forces students to change passcodes following cyber attack
expand image

Over the weekend, UWA disclosed that it had suffered a cyber incident and that staff and students had been locked out of its network until they changed their details.

“The university has detected unauthorised access to university password information. As a security measure, all staff and students have been locked out of UWA systems and are required to reset their passwords to gain access,” the university said.

“We do not believe any other information has been accessed; however, we are continuing to investigate this incident as our highest priority.”

 
 

The university’s chief information officer, Fiona Bishop, said the university activated its critical incident management team to counter the cyber attack.

“Our IT and many teams worked tirelessly overnight on Saturday and through the weekend to lock and reset all students’, staff and visitor passwords,” she said, speaking with ABC Radio Perth.

“We do know that people will continue to need support in resetting their password, and so, we will continue to man that effort over the course of the next couple of days.”

Bishop has said that there is currently no evidence that any data beyond passwords had been accessed and that no threat actor had yet reached out, adding there was “no indication of ransomware”.

However, Bishop said that the investigation is ongoing and that she is “exceptionally pleased” with the team’s responsiveness.

“We’ve already moved on to recovery and investigation,” she said.

“We’re working feverishly to ensure everyone can log on, staff and students have [been] provided a three-day extension to student assessments.”

However, a number of Reddit users claiming to have experience with UWA’s operations said that the university’s management has not rolled out cyber protections properly in the past.

“Totally not surprising having previously worked as a technology vendor at UWA,” said one user.

“Departments don’t speak to each other. Cyber policies half rolled out and not aligned to the network side of things.

“I’d imagine their research is leaking more than a sieve.”

Bishop added that UWA would continue to bolster its cyber security to prevent future incidents.

“Universities are powerhouses of information and learning, and the sector as a whole is a cyber target, which is only increasing as they become more digital and modernised,” she said.

The university did not disclose how many students were impacted by the incident.

UWA was previously targeted in a cyber attack in 2022, which led to a 22-year-old Perth man being charged with one count of unlawfully using a computer and gaining or intending to gain a benefit after he allegedly hacked the university.

The previous breach led to names, home addresses, email addresses, phone numbers, emergency contact details, birth dates, student IDs and photos, course and unit details and grades, birth country, and citizenship statuses being accessed by threat actors.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.
You need to be a member to post comments. Become a member for free today!

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.