UoW beefs up cloud security after December breach
As part of its cleanup following a data breach in December, the University of Wollongong (UoW) has announced several new security measures to prevent similar incidents and mitigate further damage.
The attack occurred on December 7, 2023, and the university revealed that the incident was quickly contained. Data that can potentially be accessed by unauthorized third parties includes names, addresses, email addresses, phone numbers and numbers of potentially retired members, bank names and bank account numbers.
In its latest statement, the UoW said its investigation into the data breach has now been completed, now allowing it to inform staff and students of the specific individual impact they face due to the incident.
Following the breach, the university also revealed that it has taken steps to further protect its systems and has installed new security measures.
“The university sincerely apologizes for any inconvenience to staff and students and would like to reiterate that the affected system has been contained and all necessary measures have been taken. [are] Measures have been taken to strengthen controls in an effort to prevent similar incidents. [from] is happening,” the UoW said.
Students who wish to check if they have been affected should contact the university’s AskUOW service, while staff should contact IDCARE, “or create a P&C support ticket”.
In an FAQ on its website, the university revealed that three key measures have been implemented since the breach, one of which is stronger cloud security measures.
“We have implemented new security controls over key cloud-based systems incorporating the latest best practice techniques. “We have also activated additional security surveillance services,” the university added.
“There is a function to report phishing in Outlook when you have the email open. “Each report is investigated by the IMTS cybersecurity team and necessary action will be taken, including blocking senders.”
The university has said it has not observed any cases of phishing emails following the incident, but has urged students and staff to “remain vigilant by reporting suspicious emails and avoiding clicking on unknown or suspicious links.”