More than 10,000 employees, students and former staff have now been affected by the major cyber attack on one of Queensland's largest tertiary institutions.
QUT in January revealed thousands of people associated with the university potentially had their personal data compromised by a ransomware attack in December.
The cyber attack was identified after campus printers began to spit out bulk ransomware notes, which led the university to shut down a number of its IT systems as a precaution.
At that stage, it was publicly stated 2,500 current staff and some former staff at the state's second-largest university had their personal data stolen.
But in a statement released today, QUT has revealed updated details of those affected and apologised for the impacts.
They said a total of 11,405 people were impacted by the Royal Ransomware cyber-attack -- including 2,492 current university staff and 8,846 former staff.
There are also 17 current students and 50 former students who have been hacked, according to QUT.
The spokesperson said 3,820 people's tax file numbers had been breached.
"After detailed forensic analysis we did establish late last month that the cybercriminals managed to access a number of files on an internal storage drive, some of which included personal information of current and former employees and students," the statement said.
The data could be used by hackers to engage in identity fraud, however a university spokesperson said there is currently no evidence of any criminal activity using the data accessed.
"Firstly, QUT is disappointed and sorry that this cybercrime has potentially impacted on our staff and former staff. It is important to note the security of our HR, student or financial systems was not compromised or accessed by the cyber criminals," the statement said.
"We also have no evidence to date of any further illegal activity in relation to the data that may have been accessed by the cyber criminals."
The note from the hackers in December said: "Your critical data was not only encrypted but also copied", warning it could be published online unless a "modest royalty" was paid.
Cyber security measures boosted
Since the attack, a QUT spokesperson said the university had ramped up security measures and asked all staff and students to reset passwords.
Additional verification steps for those working and studying from home were also put in place, they said.
"We have also implemented additional expert monitoring and validation mechanisms," the statement said.
"At every stage of our response we have been in regular communication with staff students and all relevant Queensland and Federal authorities."
QUT vice-chancellor Professor Margaret Sheil said the university had found the vulnerability in its system.
"We understand how this happened, what the particular vulnerability was, we have addressed that," she said.
Professor Sheil said she is confident this "scenario of events" won’t happen again.
"Can I be confident that we won't be subject to further attacks? I can't, I can never be that confident," she said.
"They are very active, these kinds of criminals, and we are not the only ones being targeted."
The university said those impacted by the breach have been notified by email or mail and have been offered additional ID protection and counselling.
"The information was in storage files only accessible to a limited number of authorised personnel," QUT's statement said.
"Going forward we will accelerate our use of more secure, cloud-based and other forms of storage.
"We have commenced [a] further review and monitoring of all systems and storage to ensure that they are managed in accordance with the relevant legislative requirements for retention and record keeping and will review and update if necessary QUT retention and records policy and practices."
