A SMS was sent out to almost 10,000 students detailing that they had a parcel to collect from Aramex and once they clicked on the link were asked to provide their credit card details.
Deakin University said the hacker also downloaded the information of 46,980 students which included their name, student ID, mobile number, and email address.
Assessment and unit marks were also obtained with the education provider saying that they’ve put a stop to the text messages and opened an investigation.
“Deakin sincerely apologises to those impacted by this incident and wants to assure the Deakin community that it is conducting a thorough investigation to prevent a similar incident from occurring again,” they said.
“Malicious attacks are becoming more common place, and more difficult for individuals to detect, however we must all remain vigilant. Deakin’s Cyber Security team is committed to protecting the personal information of our entire community.”
Emails, phone calls, online student portals and postal are the most common forms of communication they said, and that text messages will only be sent if this is an option students approve.
It’s unknown whether any student fell victim to the scam but it’s an occurrence that happens quite often.
Last year, Swinburne University suffered a data breach which published details of over 5000 staff and 100 students on the internet. It was found the data came from an event registration page which had contact details and names of potential attendees.
In previous years Australia National University, Australian Catholic University and the University of Tasmania also had mass data breaches which affected thousands of people.
