Between the security incidents, the educational institute suffered another data breach in May 2023, which it discovered and disclosed it a year later, informing its community that hackers had accessed its Microsoft Office 365 environment, including email accounts and SharePoint files. Bill Toulas Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks. Western Sydney University (WSU) announced two security incidents that exposed personal information belonging to members of its community. The second cybersecurity incident concerns a leak on the dark web of personal information belonging to members of the University’s community. “The University is very aware of the personal impact these incidents are having on its students, staff, and wider community,” Williams stated. It is unclear if the post published on the dark web in November 2024 contains information stolen during that incident, or if it concerns a separate case altogether. The investigation revealed that the hackers maintained access to WSU’s networks between July 9, 2023, and March 16, 2024, obtaining access to 580 terabytes of data. The university states that it took immediate action to block the attacker once it became aware of the breach, and investigations into the incident are ongoing. Although that hackers published the data on November 1, 2024, WSU only became aware of it this year on March 24. That incident was later estimated to have impacted 7,500 individuals, exposing names, contact details, dates of birth, health information, government ID numbers, and bank account information.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Fri, 11 Apr 2025 16:30:26 +0000