Scotch College suffers data breach through its Old Scotch Collegians
August 14, 2025 |
Hackers have attacked the hallowed halls of Scotch College, one of the elite private schools in Melbourne by hacking its IT system. Educational institutions are regular targets for cyber attacks. Universities are often hacked. They have lots of challenges, numerous entreports, constantly changing authorisations which can be stolen and used for a cyber attack, legacy systems which have inbuilt weaknesses and a huge amount of data that make attacks worthwhile. At the school level often IT systems are basic and not well maintained. In my experience school administrations do not give sufficient attention to privacy training, making phishing and spear phishing quite easy. Scotch College would have a wealth of information that would be of use to a cyber attacker.
The Age covers the story with Scotch College apologises for data breach which provides:
Data belonging to families and graduates of one of Melbourne’s most prestigious boys’ schools has been exposed after Scotch College’s IT system was hacked.
Principal Dr Scott Marsh wrote to inform members of the school community and Old Scotch Collegians on Tuesday to urge vigilance following the breach and to apologise.
In the letter seen by The Age, Marsh said the IT system had been accessed by an “unknown third party” at the weekend.
“Please be vigilant of any suspicious emails and avoid clicking on links, opening attachments, or providing personal information unless you are certain the source is legitimate,” he said.
Marsh said the school shut down all servers and disabled all accounts as a result of the hack. It also postponed all non-essential online events.
“We have engaged leading external cybersecurity experts to commence a forensic investigation of the breach and are working with our advisors to ascertain the nature of any data accessed,” he wrote in the email.
“We apologise for any inconvenience. We will continue to keep you informed on the progress of our investigation,” Marsh said.
A spokesperson for the school confirmed the college had engaged the Australian Cyber Security Centre to conduct an investigation into the breach.
“As a precautionary measure, we informed our staff, parents and past students,” the spokesperson said.
While it isn’t yet clear whether any identifiable information was accessed, the spokesperson said if the investigation revealed that sensitive information had been accessed or stolen, those affected would be contacted directly.
Alumni of the 174-year-old Hawthorn school include high-profile leaders in business, politics, sport and the arts.
Among them are former Victorian premier Jeff Kennett, former president of the Australian Academy of Science Andrew Holmes and former High Court judge Kenneth Hayne. Media personality Russel Howcroft and The Cat Empire’s lead singer, Felix Riebl, are also former students.
Annual tuition fees for domestic students in years 7 to 12 this year are $34,060.