The personal data of staff, students and visitors to the Australian National University dating back almost 20 years has been accessed by hackers.
A "sophisticated operator" accessed the university's systems in late 2018 and the institution realised two weeks ago, Vice-Chancellor Brian Schmidt has revealed in a statement on Tuesday.
Information that has been accessed includes some names, addresses, dates of birth, phone numbers, personal emails, tax file numbers, bank account details, passport details and student academic records.
"We believe there was unauthorised access to significant amounts of personal staff, student and visitor data extending back 19 years," Professor Schmidt said.
Credit card details, travel information, medical records, police checks, workers' compensation, vehicle registration numbers and some performance records stored by the university have not been affected.
There is also no evidence that research work has been impacted.
The hack is the second ANU has suffered within a year, with the institution confirming in July last year it was working to "contain a threat to IT within the university".
No staff, student or research information was taken on that occasion, the university said at the time.
System upgrades ANU undertook after that incident had allowed it to detect the latest incident, Prof Schmidt said.
"We must always remain vigilant, alert and continue to improve and invest in our IT security."
The university has set up a confidential direct helpline - 1800 275 268 - for anyone seeking more information or with particular concerns.
"I know this will cause distress to many in our community and we have put in place services to provide advice and support," Prof Schmidt said.
The university's chief information security offer has also issued a range of advice for ANU's committee, including resetting passwords and being cautious about opening some emails.
