Â鶹´«Ã½Ó³» of Queensland is working to assist students and staff who could be caught up in an online data breach which has affected 593 million people worldwide.
The threat includes vendors selling people’s security information in slabs of data that appear to have been compiled from several attacks on popular online social media and collaboration sites.
Â鶹´«Ã½Ó³» Chief Information Officer Mr Rob Moffatt said the breach did not compromise Â鶹´«Ã½Ó³» systems, but had primarily affected people who had replicated a specific combination of their Â鶹´«Ã½Ó³» email and password for external services.
“I stress that Â鶹´«Ã½Ó³»’s systems have not been breached or hacked,” Mr Moffatt said.
“However, we have identified 4000 students and 2500 staff at risk, and have acted immediately to help them shore up their online security.”
He said the issue was identified through Â鶹´«Ã½Ó³»’s online security safeguards.
“Security checks have shown only an extremely small percentage of the identified cohort are still using the jeopardised credentials for their Â鶹´«Ã½Ó³» accounts.
“In fact it appears only two of the 2500 at-risk staff members were still using the compromised credentials for their Â鶹´«Ã½Ó³» accounts, and this has now been resolved.
Students and staff at risk of using jeopardised credentials for accounts external to Â鶹´«Ã½Ó³» have been contacted and advised to change their passwords immediately.
Mr Moffatt said Â鶹´«Ã½Ó³» had recently implemented several measures to improve password strength as well as promotions to encourage students and staff to regularly change their passwords.
The data breach appears to have been a composite international effort and not targeted specifically at either Â鶹´«Ã½Ó³» or Australia.
Â鶹´«Ã½Ó³» and other organisations in the Asia-Pacific region were alerted to the threat via AusCERT, a self-funded cyber emergency response team which was formed from Â鶹´«Ã½Ó³»-based specialists in 1993.