Cyber Incident Victim: North Metropolitan TAFE

On August 28 and September 5, 2017, an unidentified attacker gained unauthorized remote access to North Metropolitan TAFE's IT systems in Western Australia. The breach compromised sensitive personal information of 13,782 students and an unspecified number of staff members. Accessed data included names, addresses, some encrypted passwords, and IP addresses. Western Australia's Education Minister Sue Ellery confirmed in a parliamentary address that no current passwords, active login credentials, or financial/banking information were exposed during the intrusion. The attacker's methods were characterized as "fairly unsophisticated," though specific technical details of the attack vector were not disclosed. Immediate system shutdowns occurred upon discovery of the breaches, though the exact timeline between initial compromise and detection remains unspecified in available reports.

The Western Australian Police launched a criminal investigation into the incident, while the state government initiated an internal review of the breach. As a precautionary measure, the state's four other TAFE colleges conducted network scans to check for unauthorized access, with no additional compromises reported. This incident occurred against a backdrop of persistent cybersecurity criticisms from WA Auditor-General Colin Murphy, who had months earlier documented systemic vulnerabilities across state agencies including easily guessable passwords, unpatched systems, and unencrypted backup tapes. The breach coincided with the state government's ongoing implementation of a new whole-of-government digital security policy, which had been released in June 2017 following Murphy's repeated warnings about inadequate security controls that could be "easily addressed" at minimal cost. No evidence suggested further malicious activity beyond the confirmed data access during the two intrusion dates.