Share this article on:
Australian not-for-profit ANU Enterprise (ANUE) has been listed on the dark web by the ThreeAM ransomware gang.
The organisation, which is a subsidiary of Australian National University, maximises research by the university through work with researchers, industry and government to deliver larger projects.
ANUE was listed on ThreeAM’s dark web leak site on 31 October; however, the threat actor gave no information as to the nature of the incident other than 0 per cent of the allegedly exfiltrated data has been published.
It is currently unclear whether or not any data was exfiltrated or whether any ransomware has been deployed, and, if so, if negotiations have begun.
Cyber Daily has reached out to ANUE for more information about the incident and is currently awaiting a response. This story will be updated as it continues to develop,
Earlier this week, Western Sydney University announced that it had suffered its second cyber attack for the year, with threat actors exfiltrating personal data from its back end.
In an email sent to Cyber Daily, the university said the threat actor gained access to an IT account, through which it accessed data “from the Student Management System and other back-end data storage systems, including the Data Warehouse” on 14 August.
The university discovered the breach almost two weeks later, on 27 August, and by 31 August, the access was “contained”.
Now, the university has announced that its investigations have unveiled that personal data was accessed in the incident, including “names, addresses, university-issued email addresses, student identification numbers, tuition fee information (including fees deferred to HELP/HECS), student admission and enrolment data (including subject, results and progression information), and student demographic data (including nationality, Indigenous status, country of birth, citizenship status, gender and date of birth)”.
While the threat actor behind the incident is still unknown, it revealed that the actor used sophisticated techniques to gain access, adding that the incident was targeted.