Cyber Incident Victim: University of Notre Dame Australia
Date:
Jan 2025
Location:
Australia
Summary
The University of Notre Dame Australia confirmed a cyber incident impacting its Western Australia campus, prompting an investigation with assistance from the Australian Cyber Security Centre and external cybersecurity experts. The university stated it took the incident seriously, prioritized system security, and notified relevant government agencies while ensuring enrolments and orientation programs remained unaffected. No threat actor claimed responsibility, and the institution emphasized minimizing disruptions to staff and students, though details regarding the nature of the incident or potential data impacts were not disclosed.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The University of Notre Dame Australia confirmed a cyber incident on January 28, 2025, following initial reports to ABC News in Western Australia regarding potential disruptions to its multifactor authentication service. The university’s Western Australia campus initiated an investigation into the possible cyber attack, engaging external cybersecurity experts to assist in determining the scope and nature of the breach. A university spokesperson stated that the incident was being treated with urgency, with efforts focused on securing systems and minimizing operational disruptions. The Australian Cyber Security Centre (ACSC) and other relevant government agencies were notified, and the university collaborated with these entities as part of its response strategy. Despite the incident, the university assured stakeholders that student enrollments remained unaffected and that the February orientation program would proceed as scheduled. Internal communications, including a letter to students, confirmed the involvement of third-party specialists in the investigation, though no specific technical details about the attack vector or initial intrusion method were disclosed.
The investigation remained ongoing at the time of reporting, with no public confirmation of impacted data types, attacker motives, or the duration of unauthorized access. The university emphasized prioritizing staff and student welfare while working to restore normal operations, though it did not specify whether any systems were taken offline as a containment measure. No threat actor had claimed responsibility for the incident, and the university refrained from commenting on whether ransomware or data exfiltration was involved. Updates were promised to the community as the response progressed, though the lack of attributed claims or detailed forensic findings limited public understanding of the incident’s full scope. The university’s public statements focused on procedural actions—reporting to authorities, engaging experts, and maintaining academic operations—without elaborating on technical mitigations or long-term recovery steps.