Australian Information Security Incident Reported: February 3 2017

The Australian Nuclear Science and Technology Organisation (ANSTO) is investigating a computer security breach at the Australian Synchrotron that saw hackers steal scientists’ usernames and passwords Friday.

“The Australian Synchrotron apologises to users of the Australian Synchrotron User Portal for an incident that occurred on Friday the 27th of January whereby the email address and encrypted password of registered users were obtained by unauthorised persons though the exploitation of a security vulnerability,” the email says. Immediate action has been taken to address this vulnerability and a comprehensive security review of the Australian Synchrotron User Portal is now underway, we’re told.

The portal also requires users to fill out their names, academic qualifications, organisation, department, and position, and offers fields for street addresses, phone numbers, citizenship, and gender.

Source: Particle accelerator hacked: Boffins’ hashed passwords beamed up • The Register