Australian Defence Force Academy Hacked


Hacker Darwinare recently published information on more than 20,000 users of the Australian Defence Force Academy (ADFA) which is run by the University of New South Wales (UNSW).

"The systems were compromised in November, with UNSW notifying staff and students within a day, but [the attack] has only now come to light," writes The Register's Richard Chirgwin.

"It's not the end of the world, fortunately," writes Sophos' Paul Ducklin. "No juicy Defence secrets such as troop movements, aircraft plans, coastal patrol schedules, or weapons purchases have been revealed. And UNSW did the right thing, candidly explaining the breach to those affected the day after it was reported. The breach included student ID, full name, email address and date of birth; similar data about staff was dumped, too."

"The University of New South Wales, which runs the campus and the website, says much of the information is out of date," writes ABC News' Ewan Gilbert. "But it has taken steps to mitigate any damage by deleting email addresses and updating their security. It has warned its staff and students to be on the watch for future ID theft."

"Mark Gregory, Senior Lecturer in Electrical and Computer Engineering at RMIT University, described the situation as mind-boggling," writes The Conversation's Sunanda Creagh. "'This, in my view, is a national security failure and should be treated as such,' he said."

"Darwinare, who describes himself as 'the first black hacker,' has previously breached the networks of online bookstore Amazon and at least two American universities," writes The Sydney Morning Herald's Markus Mannheim. "He contributes to Anonymous and joined its raids on Israeli government websites last month in response to that nation's airstrikes in the Gaza Strip. When asked why he targeted ... ADFA, he said: 'Oh, that old thing: I was bored.'"