A high profile cybercriminal group has stolen the data of every single student and teacher from Queensland schools in a worldwide security breach and are holding the information for ransom.
Threat actor group ShinyHunters compromised the names and emails of all past and present individuals ending in ‘@eq.qld.gov.au’ and ‘@qed.gov.au’, dating back to 2020, on Thursday morning.
Some universities have also been affected.
Queensland Education Minister John-Paul Langbroek said school locations were also compromised, but there was ‘no evidence of passwords, dates of birth or financial information accessed’.
‘School principals are in the process of contacting families and teachers to advise them of the breach,’ he said.
‘The Department of Education is providing priority support to families and teachers with known family and domestic violence, or those known to Child Safety.’
The Department of Education immediately started boosting its firewall protections as a result of the cyberattack affecting an estimated 200 million people and more than 9000 institutions globally.
The hackers stole the private details from third-party provider Instructure, which operates Canvas — the cloud-based gateway to the Department of Education’s QLearn system.
The data of every single student and teacher from Queensland schools have been stolen following a worldwide security breach
Threat actor group ShinyHunters compromised the names and emails of all past and present individuals ending in ‘@eq. qld .gov.au’ and ‘@qed.gov.au’, dating back to 2020
The Daily Mail understands that principals have received a pre-approved template to send to individuals should their data be released publicly and that letters will also be sent to the last known mail addresses of those affected.
The department attended an online meeting this morning with other impacted institutions across the world.
