SYDNEY (Reuters) - Australia’s top-ranked university said on Tuesday hackers breached its cyber defences late last year to obtain sensitive data, including students’ bank account numbers and passport details going back 19 years.
The Australian National University (ANU) said it had only discovered the breach two weeks ago and that it was carried out by “a sophisticated operator”, without elaborating.
An earlier cyber attack, disclosed by ANU in July last year, had failed to gather sensitive information. Media reports at that time had cited sources as saying the hacking originated in China.
According to World University Rankings, ANU is Australia’s best university and many of its graduates go on to hold senior government positions, magnifying security sensitivities over the data breach.
“National community agencies are recruiting directly out of ANU,” said Fergus Hanson, head of the International Cyber Policy Centre at think-tank the Australian Strategic Policy Institute.
“To have information around particular people who are working in different departments... that would be very useful.”
Australia’s cyber intelligence agency said it was investigating who was behind the attack.
“It does appear to be the work of a sophisticated actor,” a representative of the Australian Signals Directorate said in an emailed statement.
“It is too early to speculate about connections to other compromises.”
China has consistently denied being involved in any hacking attacks and its embassy in Australia did not respond to a request from Reuters for comment.
Despite Chinese denials, Australia has cited similar incidents as evidence that China is meddling in its domestic affairs, straining ties between the two countries.
Reporting by Colin Packham; Editing by Nick Macfie