Cyber Incident Victim: RMIT University

On February 18, 2021, RMIT University experienced a widespread IT outage affecting access to multiple university-supported applications and systems. The disruption began prior to Thursday evening, February 18, when RMIT's IT services team publicly acknowledged technical issues via Twitter at 9:45 PM AEDT, stating they were actively working on resolution efforts. By Friday, February 19, external reports emerged suggesting the outage stemmed from a phishing attack, though the university disputed claims of a "significant cyber attack" in a 5:00 PM AEDT statement. RMIT maintained there was no evidence of data breaches at that stage, citing independently validated analysis of the incident. The outage necessitated operational adjustments, including the continuation of remote work for staff to facilitate restoration efforts while maintaining access to essential platforms like Office 365 and Canvas, the university's learning management system.

Restoration activities progressed over the following days, with RMIT announcing by Monday, February 21, that significant recovery milestones had been achieved across affected IT infrastructure. The university confirmed on-campus classes would proceed according to schedule despite the disruption, with orientation activities for students continuing as planned. Staff remained under remote work arrangements to accelerate system recovery, though critical academic and administrative functions persisted through available services. RMIT did not publicly disclose technical specifics regarding the outage's root cause or the full scope of impacted systems beyond confirming the restoration of "many" affected platforms. No further updates regarding forensic findings or data compromise were provided in the immediate aftermath of the recovery announcement.