A leading Australian university with close links to the government and the defence and intelligence communities, the Australian National University (ANU), revealed yesterday that it had been attacked by cyber hackers who gained access to personal details of up to 200,000 students and staff dating back 19 years.
This is the second major cyber attack against the university in the past year, raising concerns that foreign actors could be trying to capture sensitive information about students who may go on to hold senior government positions.
An attempted infiltration last year was traced to operators in China, according to unnamed sources cited by Fairfax Media.
ANU's vice-chancellor, Professor Brian Schmidt, said yesterday that the attack began late last year and was detected two weeks ago, but was not revealed until the system had been protected from "secondary or opportunistic attacks".
He said the data accessed included "names, addresses, dates of birth, phone numbers, personal e-mail addresses and emergency contact details, tax file numbers, payroll information, bank account details and passport details".
"The university has taken immediate precautions to further strengthen our IT security," he said in a message to students and staff. "We are doing all we can to improve the digital safety of our community."
The government agency which defends against cyber attacks, the Australian Signals Directorate, said it was investigating the attack but could not yet say whether it was linked to last year's threat.
The ANU, located in Canberra a short distance from Parliament House, has security-and defence-focused research centres and a strong public policy focus.
Graduates have gone on to become MPs, heads of government departments and prime ministers.
Analysts suggested the attack may have been by a state actor trying to access details of researchers or by a criminal group attempting to capture personal information to enable fraud and identity theft.
Mr Tom Uren, a cyber-security expert at the Australian Strategic Policy Institute, said the culprit was not yet known but China was a likely suspect.
"They have a history of stealing large data sets and the theory is that they're putting these together to try to build a picture of people of interest to use for either counter-intelligence or intelligence purposes," he told ABC News.
"I've also heard the theory that the Chinese are interested in foreign universities because they've a large number of overseas students… and universities are traditionally a hotbed of radicalism and that's a concern for the Chinese."
Just over 7,400 international students were enrolled at the university in 2016, which had a student body of roughly 20,000 as of last year, according to ABC.
Australian security agencies have warned of repeated attempted cyber attacks by foreign actors against Australian governments, businesses and universities. An attack in February on Australia's Parliament was blamed on China by unnamed security sources.
China's alleged cyber attacks on Australia come during a period of heightened tension between the two countries. Beijing was angered by Canberra's efforts to curb foreign interference - which were seen as targeted at China - and its warnings about the security risks of dealing with Chinese telecommunications firm Huawei. Foreign students at ANU were last year barred from participating in an internship programme that allowed them to work at an MP's parliamentary office.
The Australian Financial Review reported that the decision was made by Parliament due to concerns about "the potential risk of Chinese students exploiting this privileged access to MPs and ministers' offices".
Home Affairs Minister Peter Dutton would not comment on whether the authorities believed a state actor or criminal group was behind the attack.
