"Western Sydney University Data Breach Exposed Student Data"
Western Sydney University (WSU) has recently notified students and academic staff about a data breach after threat actors breached its Microsoft 365 and Sharepoint environment. WSU is an educational institute in Australia and has 47,000 students and over 4,500 regular and seasonal staff. WSU noted that the investigation revealed that the earliest known unauthorized access to the University's Microsoft Office 365 environment was on May 17, 2023, and included access to some email accounts and SharePoint files. The investigation also indicated that the University's Solar Car Laboratory infrastructure may have been used as part of the incident. WSU says that the data that has been exposed varies per individual depending on the contents of the email communications and the documents stored in the University's SharePoint environment. This intrusion was only discovered in January 2024, with the University's IT team shutting the unauthorized access and launching an internal investigation into the incident involving specialists from the NSW Police, CrowdStrike, and CyberCX. The investigation's results have verified the impact on approximately 7,500 individuals, who will soon receive personalized notices via email and phone. The university noted that the number of individuals impacted by the breach may rise as the investigation continues.
BleepingComputer reports: "Western Sydney University Data Breach Exposed Student Data"