Around 10,000 Deakin University students have been embroiled in a cyber attack after a hacker gained access to the institution’s internal systems and targeted individuals with scam text messages.
In a blog post yesterday, Deakin University said on Sunday 10 July it became aware of the incident which also saw the cyber criminal download the contact details of 46,980 current and past students including their names, student IDs, mobile numbers, Deakin email addresses and even recent unit results.
The texts, sent to 9,997 students, came about after a staff member’s username and password was obtained by a hacker and used to access information held by a third-party provider engaged by Deakin to forward messages prepared by the University to students by SMS.
The students were then sent an SMS, as if from Deakin, with the following text:
According to the university, anyone who clicked on the link was then taken to a form which asked for additional information, including credit card details.
“Immediate action was taken by Deakin to stop any further SMS messages being sent to students and an investigation into the data breach was immediately commenced,” Deakin University said.
“Deakin will report the breach, and be guided by, the Office of the Victorian Information Commissioner (OVIC).
“Deakin continues to investigate the incident and is working with the third-party provider to ensure security protocols are enhanced to prevent any recurrence of this breach.”
Those who…
