Western Sydney University Hit by Third Cybersecurity Breach This Year

Western Sydney University has reported another cybersecurity breach, marking its third incident this year, after an attacker gained access to the university’s student management system and data warehouse in mid-August using compromised IT credentials.

According to the university, the attacker initially breached the systems on August 14 and maintained undetected access until August 27, with containment achieved on August 31. This breach follows two earlier incidents this year involving the university’s Microsoft 365 and Isilon storage systems.

The university disclosed that the attacker used a compromised account to access multiple critical systems, including student records and backend data storage. Investigations indicate that the breach was executed with sophisticated and persistent techniques, targeting sensitive university data.

By October 1, Western Sydney University confirmed that personal data, including names, addresses, university-issued email addresses, student IDs, tuition information, admission and enrolment details, and demographic data (such as nationality, Indigenous status, and citizenship information), was accessed. The full extent of the data impacted is still under review.

The breach affects former and current students and staff across the university and affiliated institutions, including Early Learning Ltd. However, the university stated that no student records have been altered, nor has any stolen data appeared on dark web forums or been linked to any threats.

In response to the breach, Western Sydney University is strengthening its cybersecurity defenses, implementing round-the-clock monitoring, enhancing firewall protections, and increasing its cybersecurity team’s capacity. The university has also advised that IT network disruptions may continue as these security measures are put in place, though no specific details on the remediation are being shared at this time.