Thousands Affected By Western Sydney University Data Breach

Giulio Saggin
Giulio Saggin
Wednesday 22 May 2024
Thousands Affected By Western Sydney University Data Breach

Western Sydney University (WSU) staff and students have had their data compromised after a breach of the University's Microsoft Office 365 environment.

The breach was first identified in January this year and the earliest known unauthorised access, which included access to SharePoint files and email accounts, was on May 17, 2023.

The WSU Solar Car Laboratory infrastructure may have been used as part of the incident and measures taken after the discovery have prevented further unauthorised access.

"Since January 2024, the University undertook its due diligence to understand the nature, scope and scale of the incident, the number of individuals impacted, and to protect against further harm," said the university in a statement released on May 21, 2024. "Overall, approximately 7,500 individuals have received notifications."

WSU has received no threats to release any of the information which was accessed, or demands in exchange for maintaining privacy.

New South Wales Police are among several bodies working on the investigation and WSU is also working with the NSW Information and Privacy Commission. If anyone else is found to be affected by the unauthorised access, they will be notified.

“On behalf of the University, I unreservedly apologise for this incident and its impact on our community," said Interim Vice-Chancellor, Professor Clare Pollock. "It is deeply regrettable, and we are committed to transparently rectifying the matter and fulfilling our obligations.”

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.


SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203