Security News > 2024 > May > Western Sydney University data breach exposed student data

Western Sydney University has notified students and academic staff about a data breach after threat actors breached its Microsoft 365 and Sharepoint environment.

In an announcement posted on the Western Sydney University website today, the University warned that hackers had accessed its Microsoft Office 365 environment, including email accounts and SharePoint files.

The data that has been exposed varies per individual depending on the contents of the email communications and the documents stored in the University's SharePoint environment.

"There have been no threats received by the University to disclose any of the private information which was accessed, and the University has not received any demands in exchange for maintaining privacy." - WSU. WSU added that the University's core operations haven't been impacted, so the incident is not expected to disrupt classes, exams, registrations, or research programs.

The University has evaluated the security measures introduced post-compromise as adequate to prevent the re-occurrence of similar incidents and has been granted an injunction from the NSW Supreme Court to prevent the dissemination of any data that was accessed/stolen during the attack.

University System of Georgia: 800K exposed in 2023 MOVEit attack.

News URL

https://www.bleepingcomputer.com/news/security/western-sydney-university-data-breach-exposed-student-data/