Western Sydney University investigates impact of breach

Western Sydney University investigates impact of breach

WSU has been investigating the impact of the breach and investing in additional remediation measures.

Jamie Akhtar, Co-Founder and CEO at Cybersmart says Western Sydney University (WSU) ‘acted commendably’ in its response to a major cybersecurity breach by shutting down the network and putting measures in place as soon as it was discovered.

“Unfortunately, this is just the latest example of cybercriminals targeting educational institutions. Universities and schools often have thousands of users on their systems, meaning just one weak link can give cybercriminals a way in. Add to this that few have the resources to employ a full-time cybersecurity team and you have the perfect target for hackers.

“However, there is help available. Schemes like Essential Eight can help educators put the building blocks of good cyberhygiene in place and there are tools available to monitor the organisation’s overall security.

“It should also be added that, in this case, WSU acted commendably, by shutting down the network and putting measures in place as soon as it was discovered.”

WSU has notified individuals impacted by unauthorised access to its IT network.

The intrusion was identified by the University in January 2024 and quickly shut down.

An investigation into the impact of the breach – and investment in additional remediation measures – has been underway since, with WSU undertaking due diligence to understand the nature, scope and scale of the incident, the number of individuals impacted and to protect against further harm. This was also done in accordance with the university’s legal obligations.

The investigation has indicated that the earliest known unauthorised access to the University’s Microsoft Office 365 environment was on 17 May 2023 and included access to some email accounts and SharePoint files.

Investigations also indicate that the University’s Solar Car Laboratory infrastructure may have been used as part of the incident.

Monitoring and scanning indicates that the preventative measures taken as a part of the incident response have successfully prevented any further unauthorised access.

The university is working with a range of authorities, including NSW Police whose investigation is on-going. The university has also been in on-going contact with the NSW Information and Privacy Commission.

Overall, approximately 7,500 individuals have received notifications either by telephone call, email or both.

The university is continuing to investigate the incident and if further persons are affected by the unauthorised access to the university IT network, they will be notified.

There have been no threats received by the university to disclose any of the private information which was accessed and the university has not received any demands in exchange for maintaining privacy.

In order to protect university staff, students and stakeholders, the university has sought and been granted an injunction from the NSW Supreme Court to prevent access, use, transmission and publication of any data that was the subject of the incident.

WSU has issued an unreserved apology over the ‘deeply regrettable’ incident and its impact on campus community – committing itself to ‘transparent rectification’.

Browse our latest issue

Intelligent CISO

View Magazine Archive