🔒breach.co.nz · the NZ & Australia breach register 🛡️ A Govern service
Register › 🇦🇺 AU › Education
Education sector · leaderboard
Own the Education leaderboard
The top banner across the Education overview and every Education record — one advertiser, exclusively.
Own this leaderboard → breach@govern.co.nz

Deakin University

🇦🇺 Victoria · Deakin University · Record AU-2022-0713
○ Reported — awaiting official confirmation
Reported — awaiting official confirmation. The facts below are drawn from the organisation's own disclosure and credible reporting. Figures are as reported; unknowns are labelled, not estimated by us.
People affected
46,980 (approx)
Breach date
2022-07
Regulator
OVIC notified
Trust tier
B · Reported

Data exposed

Names, student ID numbers, mobile numbers, university email addresses and recent unit results; about 9,997 people then received scam SMS messages Company-confirmed

Confidence: Confirmed = regulator/court · Company-confirmed = the organisation's own disclosure · Media-reported = press. Figures without an official source are labelled, not estimated.

What happened

In July 2022 Deakin University disclosed that the details of about 47,000 current and former students had been accessed after staff credentials to a third-party SMS provider were compromised [dk-itnews], [dk-acs]. Around 9,997 people then received scam text messages. Exposed data included names, student IDs, mobile numbers, university emails and recent unit results.

Current status

Disclosed. The ~47,000 figure is the university’s own, reported to the Victorian privacy regulator (OVIC) [dk-itnews].

Why it matters

A compromised supplier account let attackers both read student data and immediately weaponise it for scam messaging — a fast pivot from breach to harm.

GGOVERN Tabletop Exercises · Govern house Keep the campus running when the systems go dark. Book a Discovery Call →