Hacked? NSW Education in major outage



news The NSW Department of Education and Communities has confirmed it has suffered a major event in its IT operation this week that knocked key staff services such as email offline, with an an unverified source claiming it had been hacked and suffered the deletion of thousands of accounts.

The department is one of the largest employers in NSW, with about 100,000 staff listed in its 2012 annual report, including some 61,000 school teachers and a further 10,000 more working in TAFE colleges across the state. It daily serves the needs of around 750,000 school students and several hundred thousand more TAFE students. Because of this, the department is also one of the largest buyers and users of technology goods and services nationally.

On Tuesday night, Delimiter received an anonymous tip stating that DEC had been “hacked”, with approximately 139,000 accounts deleted”. The tipster stated that this meant that the department was unable to conduct staff authentication of accounts into its systems, meaning teachers would be locked out of teaching resources and central departmental staff out of management resources.

In response to the allegations, the department yesterday issued a statement acknowledging it was suffering issues, but with few specific details, and without explicitly denying the allegation that its systems had been compromised. “The department has been working to resolve this as a matter of high priority and it is hoped services will be returned to normal by tomorrow,” the department said.

“There has been an issue with school staff access to some computer services, including email. The vast majority of school teachers have still been able to access the internet and locally held teacher resources. The Department is also investigating the cause of the incident.”

If the department was compromised and accounts deleted, it is likely that the damage would ultimately have been limited to staff accounts rather than student accounts.

In 2008 the department migrated its 1.5 million student email accounts to Google’s Gmail/Google Apps platform, rather than choosing to operate this kind of massive IT infrastructure itself. However, it is believed that its staff and teacher accounts still primarily use a Microsoft Exchange platform. Typically large organisations using Microsoft infrastructure use centralised account identification through the software giant’s Active Directory platform to authenticate users to wider system resources.

So has the NSW Department of Education suffered a major hack, as our anonymous tipster claimed? I don’t know — the department hasn’t confirmed that yet. However, what we do know is that the department has indeed suffered a major outage that is affecting its ability to get basic work done. I can only imagine the chaos caused in schools across NSW as teachers realise they can’t access their email.


    • This kind of hack has nothing to do with the technology used and everything to do with poor configuration or operations.

    • I gather you didn’t read the next and final paragraph of the article then?

      The department spokesperson said that while the cause of the outage is still unknown, the issue is not related to Google’s services provided to the department.

  1. The DEC uses Exchange and Active Directory for all staff/teacher email systems, while student accounts are on a separate Google provided system. The student emai never went down in this incident, only the staff emai. (And yes, ZDNet got that part entirely wrong).

    Obviously a problem that affected the main Active Directory, but I have no idea what, and the department is not telling anyone a thing at this point (including their own staff). It affected more than email as well, because this same Active Directory is used to authenticate a number of internal services.

Comments are closed.