Powered by MOMENTUM MEDIA

Exclusive: Fog ransomware group claims January hack of the University of Notre Dame Australia

Hackers claim to have stolen more than 62 gigabytes of data from the Australian university, including student medical records and more.

David Hollingworth
Wed, 12 Feb 2025

The Fog ransomware gang has claimed responsibility for a cyber incident impacting the University of Notre Dame Australia.

The university said in late January that it had reported a cyber incident to the Australian Cyber Security Centre, which was assisting in its investigations.

At the time, the University of Notre Dame Australia said it could not comment further as the investigation was ongoing.

The Fog ransomware operation is now claiming to have exfiltrated 62.2 gigabytes of data from the university, according to a February 11 post on its darknet leak site. According to the hackers, the stolen data includes contact details of employees and students, student medical documents, and confidential documents such as non-disclosure agreements.

The hackers have not listed a ransom demand or a ransom deadline.

The University of Notre Dame is aware of the hackers’ claims.

“Following a recent cyber incident which disrupted some of the University of Notre Dame Australia’s IT systems, we have become aware that a third party has named the university online and claims to have accessed some of our data, including staff contact details,” a spokesperson told Cyber Daily.

“We are working to verify these claims as a priority. At this stage of our forensic investigation, all evidence indicates the information held on our primary human resources, financial and student database system remains secure.

“Any potential impact would be limited to data held separately on a small number of servers. We are working to determine the details of that information. We take the protection of our data seriously, and should we detect that any personal information has been impacted, we will notify relevant individuals and other parties, as required, as soon as possible.

“While our investigation is ongoing, we would also like to assure our staff, students and other partners that we are taking all appropriate steps to respond. We have notified the Australian Cyber Security Centre (ACSC) and are engaging with other relevant government agencies.

“We understand this news may cause concern, and we thank our community for their ongoing support as we work to resolve this as swiftly as possible.”

The Fog ransomware operation was first observed in May 2024 and is known to take advantage of compromised VPN credentials for its initial access.

The gang is technically proficient and able to go from initial access, through establishing command and control infrastructure, reconnaissance and lateral movement, to data exfiltration and encryption in as little as two hours.

Fog’s most recent Australian victim was Waverley Christian College, which the gang listed on its leak site in December 2024. The gang also targeted mechanic and roadside assistance franchise Ultra Tune in October of the same year.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
