Last night, National Tertiary Education Union (NTEU) servers were subject to a ransomware attack according to an email sent to members by General Secretary Matthew McGowan.
“At this early stage we cannot be certain of the extent of the data breach and its implications” McGowan states in the email. However, at this stage the hackers have not expressed an intention to publicly release any data obtained.
The union claimed that members’ bank and credit card details may not have been accessible by the hackers, citing heightened security measures in place to protect these details.
Despite this, the union is making no assumptions. McGowan recommended members change the passwords for their credit cards and online banking accounts as soon as possible.
“Out of caution we also advise you to check that no suspicious or fraudulent activity has taken place in relation to your banking and credit card accounts,” said McGowan. The union is asking members to “maintain a higher level of vigilance for the time being”.
Despite the data breaches, McGowan emphasised that the union “takes our responsibility to secure the data that you have entrusted us with seriously”.
The Office of the Australian Information Commissioner has been notified about the breach, as is required by law.
The data breach is the most recent in cyber attacks on unions and the tertiary education sector. In 2020, the ProctorU data of students and staff across multiple Australian universities was obtained and released by hackers. The University of Tasmania was separately affected in 2020 by a data breach. Hackers accessed the data of NSW Labor Party members in May last year.
The NTEU has committed to notifying its members of any updates.