Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Western Sydney University reveals full scope of January data breach

Hackers stole nearly 600 terabytes of data during an intrusion that lasted eight months and impacted at least 7,500 individuals.

user icon David Hollingworth
Thu, 01 Aug 2024
Western Sydney University reveals full scope of January data breach
expand image

Two months after it first revealed that it had fallen victim to a data breach in January, Western Sydney University said the hacker had access to not only the university’s Microsoft Office 365 environment but also its Isilon storage platform.

Even worse, while the university said in May that its “preventative measures” had prevented any further access, it has now said the hacker was in the network for quite some time, between 9 July 2023 and 16 March 2024.

During that time, 580 terabytes of data were exfiltrated from 83 out of 400 directories in the Isilon platform.

============
============

The university first revealed the incident in May, saying it had discovered the unauthorised access in January when it first began investigating the incident. At the time, it had contacted 7,500 impacted individuals. WSU said at the time that the following student information had been accessed via a spreadsheet between 17 May 2023 and January 2024:

  • Student ID and full name
  • Date of birth
  • Graduating degree (including any honours, major or minors), date of completion and date of graduation
  • Any prizes received
  • University and personal email addresses
  • Mobile phone number
  • Grade point average (GPA) and weighted average mark (WAM)
  • Citizenship status and whether the student identifies as Aboriginal or Torres Strait Islander

In addition, WSU has said that it now believes “sensitive information relating to workplace conduct and health and safety matters, government identification documents, tax file numbers, superannuation details and bank account information”.

“Based on its forensic investigation to date, the university has no evidence that this incident extends beyond the University’s Microsoft Office 365 and Isilon environments,” WSU said in a 31 July update on its incident page.

So far, however, WSU does not believe the data has been published online, nor is anyone threatening to do so.

“The university has not received any threats to disclose private information or demands in exchange for maintaining privacy. The university has dark web monitoring in place, and there is no evidence to date that the data has been uploaded,” WSU said.

“The university has not detected any further unauthorised access to Isilon since remediation work took place. The university continues to engage with the authorities in relation to the perpetrator of the Isilon incident.”

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.