Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Western Sydney University (WSU) is currently investigating a cyber incident after it detected unauthorised access affecting students earlier this year.
In an email shared by the university with Cyber Daily, WSU said that it suffered a “single sign-on incident” in which unauthorised access occurred on the accounts of current and former students throughout January and February.
According to the statement, data access is related to enrolment, progression, and demographic. WSU said it will be contacting “approximately 10,000 current and former students next week” regarding the incident.
“As soon as the unauthorised access was detected, the University’s internal and third-party cyber experts immediately began working to shut down the perpetrator’s access to the system in real time,” said WSU’s media team.
“Investigations into the incident are ongoing.”
WSU said it was also made aware of a dark web post on 24 March 2025. Based on university investigations to date, the post was made on 1 November 2024; however, the university has said that the post relates to a previous data breach.
“The University continues to investigate the post in conjunction with the authorities. Early investigations indicate that the information contained in this post broadly reflects the same types of personal information outlined in previous cyber notifications,” it said.
On 31 October 2024, the day before the new dark web post was made, WSU published a statement saying in August, a threat actor gained access to personal data including “names, addresses, university-issued email addresses, student identification numbers, tuition fee information (including fees deferred to HELP/HECS), student admission and enrolment data (including subject, results and progression information), and student demographic data (including nationality, Indigenous status, country of birth, citizenship status, gender and date of birth)”.
The incident reportedly occurred on 14 August 2024 but was discovered by the university on 27August and then contained on 31 August.
Additionally, the university said it "has previously sought and was granted an interim injunction in the NSW Supreme Court to prevent access, use, transmission and publication of any data associated with the post. "
WSU vice-chancellor and president, Distinguished Professor George Williams AO, acknowledged that WSU has repeatedly suffered cyber attacks that have interrupted education.
“Western Sydney University has been the subject of persistent and targeted attacks on our network. The University is very aware of the personal impact these incidents are having on its students, staff and wider community,” said Williams.
“On behalf of the University, I apologise to our community. Our teams are working hard to respond and strengthen our digital environment.
“The higher education sector is increasingly the target of cyber attacks and Western Sydney University is not immune to this evolving threat landscape.
“We ask our community to stay vigilant, remain alert and respond promptly when you are asked to take action.”
Prior to the latest two incidents, on 21 May, Western Sydney University’s then-interim vice-chancellor, Professor Clare Pollock, said that in January, an intrusion was detected in the university’s Microsoft Office 365 environment but was quickly shut down.
However, investigations revealed that access occurred as early as 17 May 2023 and that 7,500 students had been impacted.
“Since then, the university has been investigating the impact of the unauthorised access and investing in additional remediation measures,” Pollock said.
“Monitoring and scanning indicates that the preventative measures taken as a part of the incident response have successfully prevented any further unauthorised access.”
Be the first to hear the latest developments in the cyber industry.
