The University of Notre Dame Australia takes its obligation to protect the personal data of our staff and students seriously.
The University's significant investment in recent years to enhance its cyber security ensured that monitoring was in place to detect and limit the impact of this criminal act perpetrated against the University.
This, together with the dedication of our staff, allowed the University to take immediate action and ensure that the vast majority of our systems, including our primary human resources, financial, and student databases, were protected.
With the assistance of outside security experts, we have worked diligently since the cyber attack to complete a thorough review of data that could have been affected by cybercriminals.
Today, the University has directly notified a limited number of individuals affected in line with its obligations and is providing them with appropriate support and guidance. A public notification has also been issued that tax file numbers have also been affected.
We have worked with the Australian Taxation Office to put protective measures in place for the impacted TFNs. The University also engaged specialists to help monitor the dark web for any indication that the data may have been published online. To date, there is no evidence that this has occurred. We continue to monitor the situation actively.
Out of an abundance of caution, the University also obtained a legal injunction, which makes it a criminal offence to access, disseminate, or share this data if the perpetrator publishes it.
We are grateful to all our staff for their efforts in ensuring continuity of teaching, learning, and research throughout this incident and to our students for their patience and understanding during a difficult start to the academic year.
Media Contact: media@nd.edu.au