The Australian National University (ANU) is facing a serious cyber attack after being targeted by the FSociety ransomware group. The Canberra-based institution is currently investigating the alleged ransomware incident, working closely with the Australian Cyber Security Centre.
This ANU cyber attack came to light when ANU was listed as a victim on FSociety’s darknet leak site. FSociety typically obscures victim names, using only the first and last letters of each word. However, in this instance, the victim was easily identifiable.
A February 16th leak post from FSociety stated: “To the board of A********n N******l U********y, We have took over the servers Au.edu.au and before encryption we extracted all data, we will give you (seven) days before any leak. All Student and Teacher Leak in this field will hurt future image, if you comply we will be willing to make this all go away. We will be waiting for your response.”
The message threatened data publication within seven days, but no ransom amount was specified. The amount of stolen data remains undisclosed.
A spokesperson for the Australian National University confirmed the investigation: “We are investigating and are working with the Australian Cyber Security Centre,” the spokesperson said. “We have no further updates at this stage.”
While the current iteration of FSociety has been active only since May 2024, a group with the same name was observed in 2016 developing a new ransomware variant. Both groups use a logo similar to the fictional FSociety from the TV show Mr. Robot. Operating as a ransomware-as-a-service (RaaS) provider, FSociety boasts a dedicated affiliate page on its leak site. In January 2025, they began collaborating with FunkSec.
ANU is FSociety’s first known Australian victim. With an 18,934 student enrollment (2022 data) and over 4,000 staff, the university is a significant target. The institution previously suffered a major data breach in 2019, affecting 19 years of student and teacher data—an incident suspected to have originated from China, according to intelligence officials.
