Cyber attack exposes student and staff private details
Personal information of public school students and teachers was compromised in a massive global data breach affecting millions.
Queensland Education Minister John-Paul Langbroek confirmed on Thursday there had been a “cybersecurity incident” involving third-party provider Instructure, which provides the Department of Education’s QLearn platform.
The breach affected thousands of educational institutions across Australia and overseas, including public schools and universities in Queensland, and more than 9,000 institutions worldwide.
“Early advice is that students and staff working or studying in Education schools in Queensland have been affected since 2020 when the former government introduced the online system,” Mr Langbroek said in a statement.
At this stage it is believed that names, email addresses and school locations have been compromised.
“There is no evidence that passwords, dates of birth or financial information were accessed in the data breach,” Mr Langbroek said.
School principals are contacting families and teachers to inform them about the incident.
The Department provides priority support to families and teachers known to have concerns about domestic and family violence or Child Safety issues.
Mr Langbroek said the Department of Education would continue to update Queenslanders as more information became available.
Concerns in Queensland come after the University of Technology Sydney said Canvas, a learning management system provided by Instructure and used by several Australian universities, was affected by a “cyber incident” globally.
Canvas is widely used to deliver and manage learning for students and staff.
A spokesperson for the University of Technology Sydney said that although Canvas was still operating normally, they were working to assess the impact of the cyber incident.
“We are working with vendor Instructure to confirm whether UTS data was compromised as part of this incident and to fully understand the potential impacts should a breach occur,” a spokesperson said on Wednesday.
RMIT University, which has campuses across Melbourne, confirmed on Monday it had been made aware of a cyber incident affecting its Canvas learning management system.
Flinders University in South Australia told AAP that student and staff data held on the Canvas platform may have been affected.
“We are seeking further information and monitoring the situation closely to understand the nature and scope of this,” a spokesman told AAP.
“Flinders University informed our students and staff earlier this week and provided further updates, as well as taking precautions to minimize the potential impact.”
