Melbourne Polytechnic recently announced on Wednesday that they experienced a “highly complex” data breach. The breach was said to have occurred between September to December 2018. Melbourne Polytechnic was only informed of the data breach in October 2019 after an investigation by the Victoria Police. The data breach exposed over 50,000 files stored in Melbourne Polytechnic’s IT systems, which contained personal, health and financial data of students, staff and suppliers.

Although not as targeted as other industries such as the government or financial industry, the education industry still frequently experiences data breaches. According to the 2019 Verizon Data Breach Investigations Report (DBIR), insecure email credentials, web and mobile application errors and social engineering were the main weak points of the education industry. Financial motives still remained the main motivation with 80% of data breaches being financially motivated. 57% of data breaches in the education industry included at least one external threat actor. Alarmingly, 45% of the data breaches also included at least one internal threat actor. 

Therefore, schools and other organizations must proactively continue to manage risks using the most effective security measures. One security method the education industry should consider is implementing Auraya’s EVA voice biometrics technology. EVA is an easy-to-consume, cloud-based voice biometric extension for telephony and digital channels. With voice biometrics, schools and organizations will be able to securely verify their students and staff’s identity using their voice. Students and staff no longer need to remember (or set ‘easy to guess’) passwords or secret answers in order to access portals or even their emails.
EVA is language-independent, allowing all domestic and international students and staff to be verified with their voice. It can also be installed securely on the cloud or on-premise, allowing schools and other organizations to choose where to store their data. But what makes EVA really effective is that it can detect and prevent cybercriminals from hacking into schools and other organizations’ systems. Cybercriminals won’t be able to mimic, record or synthesize other people’s voices in order to break into the system. Their voiceprints can also be recorded and kept on an ‘impostor list’ to ensure any future or repeating offenders are detected in real-time, preventing a data breach from occurring.