The University of Newcastle has confirmed a data breach affecting its Canvas learning management system, with student information stolen by an unauthorized third party. The breach, detected on [date], compromised personal details including names, email addresses, and student identification numbers.
Details of the Breach
The incident targeted the university's instance of Canvas, a widely used platform for online learning and course management. According to the university's statement, the attacker gained access through a vulnerability in the system, which has since been patched. The university emphasized that no financial data or academic records were accessed.
Impact on Students
Current and former students whose information was stored in the system may be affected. The university has advised students to be vigilant against phishing attempts and to monitor their accounts for suspicious activity. It is also offering support services for those concerned about identity theft.
University Response
The University of Newcastle acted swiftly to secure the system and launched an investigation with cybersecurity experts. It has notified the Office of the Australian Information Commissioner (OAIC) and is cooperating with law enforcement. The university apologized for the incident and assured students that steps are being taken to prevent future breaches.
Recommendations for Students
- Change passwords for university accounts and any other services using the same credentials.
- Enable two-factor authentication where available.
- Be cautious of unsolicited emails or messages requesting personal information.
- Report any suspicious activity to the university's IT support.
The breach highlights ongoing cybersecurity challenges faced by educational institutions, which hold vast amounts of personal data. The University of Newcastle encourages students to stay informed through official channels.
