Swinburne University has confirmed that details of more than 5,000 staff and students were inadvertently made available on the Internet. The information made available was name, email address, and in some cases, a contact phone number.

Around 5,200 staff and 100 students, as well as some external parties, are believed to have been impacted by the data breach.

Swinburne said the investigation had traced the data to “an event registration webpage that is no longer available”.

“The information made available was the name, email address and, in some cases, a contact phone number,” it added.

Swinburne said it had now removed the information from the internet and had conducted an “audit across other similar sites”.

“We sincerely apologise to all those impacted by this data breach and for any concerns this has caused,” the university said.

“We are currently in the process of contacting all individuals whose information was made available to apologise to them and offer appropriate support.

“We are also contacting around 200 other individuals not connected to Swinburne who had registered for the event and whose information was also made available.”

Swinburne said it had reported the breach to the Office of the Australian Information Commissioner and the Office of the Victorian Information Commissioner.

It has also notified the Tertiary Education Quality and Standards Agency and the Victorian Department of Education and Training.

READ
How To Defend Against DDoS Attacks