STUDENT DATA RELEASED
HACKERS PUT SCHOOL INFO ON DARK WEB
DATA stolen from Newcomb Secondary College has reportedly been released by hackers onto the dark web after they penetrated the school’s computer systems.
A Victorian Department of Education spokesperson confirmed a “small number” of the school’s files were released on Wednesday by ransomware gang Avaddon, which is understood to have also targeted the Australian Labor Party and a Telstra service provider this week.
DATA stolen from Newcomb Secondary College has reportedly been released by hackers onto the dark web after they successfully penetrated the school’s computer systems.
Ransomware gang Avaddon, suspected to be responsible for the cyber attack, is understood to have also targeted the Australian Labor Party in NSW and a Melbournebased Telstra service provider this week.
A Victorian Department of
Education spokesperson confirmed on Thursday it believed a “small number” of the school’s files were released overnight on Wednesday.
“Investigations are ongoing to determine the nature of these files and if any contain personal data,” the spokesperson said.
“The school will be contacting all individuals that may have been affected and working with those families to ensure that support is provided.”
The data breach comes after the Geelong school was initially targeted by the cyber criminals during the Easter school holidays.
The hackers posted an ultimatum to school officials on the dark web a fortnight ago, threatening to leak documents if the school failed to “communicate and co-operate”.
Included in the post were excerpts of documents, including one appearing to bear the name of a student.
The hackers set a ticking clock due to hit zero early this week, warning school officials to get in touch before then or risk valuable documents being leaked.
The school’s website home page currently displays a “privacy error” message warning users that attackers might be trying to steal personal information such as “passwords, messages or credit cards”.
The department spokesperson said it was “working closely” with the college to respond to the incident and alerted police “as soon as it became aware of the breach”.
It is not known how the files were accessed.
A Victoria Police spokesman confirmed detectives from its e-crime squad were investigating the ransomware incident.
It is understood detectives have attended numerous meetings between the department and the school.
The Office of the Victorian Information Commissioner (OVIC) said the department informed it of the initial data breach on April 29.
“While OVIC is not directly involved in responding … we have provided the department with guidance about managing the privacy implications of the data breach,” it said.
RMIT University cyber security professor Matt Warren previously said the cyber attack on Newcomb Secondary demonstrated the new “cyber normal” that all Australian organisations now faced.
“Schools would not necessary see themselves as targets of cyber attacks, but their systems contain personal information of students and staff as well as financial-related information.” Professor Warren said.