The Australian Signals Directorate says it is too early to say who is behind a massive data breach that has exposed the personal details of the Australian National University's staff, students and visitors going back 19 years.
The breach, which was detected two weeks ago despite first happening in late 2018, is said to be by a "sophisticated operator," but the government agency responsible for Australian cyber security can't say whether a state actor was involved.
Data including names, addresses, phone numbers, email addresses, tax-file numbers, payroll information, bank account details, passports and student academic records were accessed during the data breach.
In a message to staff and students at the university, Vice-Chancellor Brian Schmidt said the breach was detected on May 17, after a "sophisticated operator" accessed systems illegally late last year.
"We're working closely with Australian government security agencies and industry security partners to investigate further," Dr Schmidt said.
"We have no evidence that research work has been affected."
"The systems that store credit card details, travel information, medical records, police checks, workers' compensation, vehicle registration numbers and some performance records have not been affected."
The data breach comes as China-based hackers infiltrated the university's IT systems in July last year.
A spokeswoman for the Australian Signals Directorate said it was too early to speculate about connections to other compromises.
"Proper and accurate attribution of a cyber incident takes time and any attribution would be done in a measured fashion," the statement said.
"We can confirm that ASD, through the Australian Cyber Security Centre, is working with ANU to secure the networks, protect users and investigate the full extent of the compromise."
RELATED CONTENT:What should you do about the ANU data breach?
Dr Schmidt said upgrades to IT systems following the first attack last year allowed the university to detect the latest breach.
"For the past two weeks, our staff have been working tirelessly to further strengthen our system against secondary or opportunistic attacks," Dr Schmidt said.
"We must always remain vigilant, alert and continue to improve and invest in our IT security.
"We are taking this incident extremely seriously and we are doing all we can to improve the digital safety of our community."
Staff and students at the university were told about the data breach in an email just after 11am on Tuesday.
A university spokesman said the breach had been referred to federal government agencies and are unable to attribute who was behind the attack.
Information in ANU email addresses were not accessed in the breach.
The university said information accessed during the breach was copied and had not been altered.
Students and staff had been told by the university's chief information security officer to change passwords, monitor incoming emails and use updated systems on devices.
More to come