Notification 1, 12/03/2020 - Addressing club BBQ's
Notification 2, 13/03/2020 - Addressing large gatherings & cancellation of Clubs Carnival
Notification 3, 17/03/2020 - Addressing the cancellation of all events, meetings and face-to-face gathering of any kind.
Notification 4, 8/06/2020 - Outlining changes to club grants and funding for the remainder of 2020, in response to the Guild's changed financial position as a result of COVID-19. A breif update with regards to activities and events both on and off campus is also included
Notification 5, 24/07/2020 - Outlining updates to events, room bookings, BBQs and function packs reopening for semester two.
Notification 6, 1/02/2021 - Addressing club and Guild operations that have been affected due to the five day WA lockdown.
Notification 7, 8/02/2021 - Covering the out of lockdown transition period and continued pause of on-campus activities including club induction which has now moved online.
Notification 8, 17/02/2021 - Covering details on the ease of restrictions on club & Guild events post-lockdown.
Following on from our email earlier this week (see below thread), we have been in touch with Curtin’s Privacy team and the Cyber Security Operations team to discuss potential issues involving clubs and societies using useGET and a data breach. We ask that clubs respond quickly and take the appropriate action, such as:
Immediately cease using GET. Perhaps consider using a new ticketing program for event ticket sales.
Contact your members AND those who attended your events after purchasing tickets via this system immediately.
Notify them of this data breach to advise them about some sensitive information that exposed some of your member data (including but not limited to phone numbers, date of birth, names, emails, student numbers, and other sensitive financial information), that may also contain data from your club/society. If you have not used UseGet (formerly QNect) in the last 16 months, then this may not apply to you, but your data may still be present in the leak.If any of your member's data is present, pro-actively reach out to them to alert them to keep an eye out for any suspicious activity
Reach out to UseGet (https://useget.com) to get a full list of any leaks that they may be aware of (particularly any financial information)
Avoid clicking on any links from sources you do not recognise. For example, if any links are sent purporting to come from QPay, check that the domain name is from quicklypay.it and signed (usually identified by a green lock box on most browsers) OR hover your mouse over the name of the link without clicking it to view the full URL. Please note they should never ask for any passwords or financial information.
Please note that we do not know the extent of the data breach and we are unaware of what personal information has been exposed (contact numbers, credit card details etc) however it’s is best to be as transparent as possible with your members at this time and advise them regardless.
Email: 13/09/19 - Clubs Officer
As per an article on Reddit: https://www.reddit.com/r/unsw/comments/d0qzro/massive_50k_australian_student_data_breach/?utm_source=share&utm_medium=ios_app
It would appear that a third party that allows student clubs to manage themselves has not been protecting their data correctly.
Initial reports are showing University of Sydney is particularly impacted. Unfortunately there is no way for Curtin as an external agency to determine if any Curtin students are impacted.
The Cyber Security Operations team is asking student clubs who might have used this service to get in touch to determine if there are any measures that need to be taken around this breach. Please advise via return email?
Email: 10/09/19 - Clubs Officer