Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

ThreeAM ransomware lists ANU Enterprise on its dark web blog

Australian not-for-profit ANU Enterprise (ANUE) has been listed on the dark web by the ThreeAM ransomware gang.

user icon Daniel Croft
Fri, 01 Nov 2024
ThreeAM ransomware lists ANU Enterprise on its dark web blog
expand image

The organisation, which is a subsidiary of Australian National University, maximises research by the university through work with researchers, industry and government to deliver larger projects.

ANUE was listed on ThreeAM’s dark web leak site on 31 October; however, the threat actor gave no information as to the nature of the incident other than 0 per cent of the allegedly exfiltrated data has been published.

It is currently unclear whether or not any data was exfiltrated or whether any ransomware has been deployed, and, if so, if negotiations have begun.

============
============

Cyber Daily has reached out to ANUE for more information about the incident and is currently awaiting a response. This story will be updated as it continues to develop,

Earlier this week, Western Sydney University announced that it had suffered its second cyber attack for the year, with threat actors exfiltrating personal data from its back end.

In an email sent to Cyber Daily, the university said the threat actor gained access to an IT account, through which it accessed data “from the Student Management System and other back-end data storage systems, including the Data Warehouse” on 14 August.

The university discovered the breach almost two weeks later, on 27 August, and by 31 August, the access was “contained”.

Now, the university has announced that its investigations have unveiled that personal data was accessed in the incident, including “names, addresses, university-issued email addresses, student identification numbers, tuition fee information (including fees deferred to HELP/HECS), student admission and enrolment data (including subject, results and progression information), and student demographic data (including nationality, Indigenous status, country of birth, citizenship status, gender and date of birth)”.

While the threat actor behind the incident is still unknown, it revealed that the actor used sophisticated techniques to gain access, adding that the incident was targeted.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.