Aussie university forced to spend big in wake of cyber attacks

Western Sydney University contractor costs blow out to $53 million following a string of data breaches.

Western Sydney University’s vice chancellor has revealed the spiralling costs of dealing with a string of cyber incidents that impacted the institution throughout 2024.

Speaking in front of a Senate inquiry investigating the quality of governance in higher education, Professor George Williams said that contractor costs following the incidents had been significant.

You’re out of free articles for this month

Username or Email

Password Forgot password?

Keep me signed in on this device.

First Name

Last Name

Mobile

Organisation Type

By becoming a member, I agree to receive information and promotional messages from Cyber Daily. I can opt out of these communications at any time. For more information, please visit our Privacy Statement.

Need help signing up? Visit the Help Centre.

“The university has been badly impacted by a number of attacks,” Williams said.

“I can’t say too much because the threat actor is currently before the courts and has been arrested by the police, but we needed to engage high levels of consultant support for forensic cyber work in many millions of dollars.”

In fact, the university’s spending on contractors totalled $36 million in 2024 and $17 million so far in 2025, with cyber security costs the main contributor.

The University of Western Sydney issued an updated advisory last month outlining the impact of the 2024 attacks.

“Our university has been relentlessly targeted in a string of attacks on our network. This has taken a considerable toll on our community, and for that, I am deeply sorry,” Williams AO said in a 28 August statement.

“I’d like to thank the NSW Police who recently charged a former student from the university in relation to cyber offences. As that matter is now before the court, I cannot make any further comment other than to say the university will continue to assist police with their investigations.”

VIEW ALL

The university was able to confirm the following data had been compromised and had been offered for sale on hacking forums:

Biographic information such as name and date of birth.
Contact information such as email addresses and phone numbers.
Identity documents provided to the university, such as passport numbers, driver’s licence details, and visa details.
Tax file numbers.
Student admission and enrollment information.

Western Sydney University is continuing to work with the National Office of Cyber Security, Australian Federal Police, and the Australian Signals Directorate’s Australian Cyber Security Centre.

Ex-student Birdie Kingston began her hacking career in 2021, when she allegedly altered university systems to provide discount parking. However, her activity soon skyrocketed, and she allegedly accessed the data of around 10,000 students. She was arrested in June 2025.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

You need to be a member to post comments. Become a member for free today!

newsletter

Be the first to hear the latest developments in the cyber industry.

Aussie university forced to spend big in wake of cyber attacks

David Hollingworth

OUR PLATFORMS AND BRANDS

EVENTS AND SUMMITS

PODCASTS

LEARNING AND EDUCATION

MOMENTUM MARKETS NETWORK

LINKS

STAY CONNECTED