Western Sydney University has revealed that some 580 terabytes of data was accessed in a breach of its IT network.
The University (WSU) revealed initial details of the cyber security incident back in May.
It has now provided an update, confirming that personally identifiable information was accessed, including names, contact details, dates of birth, health information, sensitive information relating to workplace conduct and health and safety matters, government identification documents, tax file numbers, superannuation details and bank account information.
After the University notified approximately 7,500 impacted individuals and its community about a breach to its Microsoft Office 365 environment in May, the University confirmed personal information in Isilon was also subject to unauthorised access. Isilon holds My Documents information, departmental shared folders, and some backup and archived data.
WSU says some 580 terabytes of data across 83 of the 300 directories in Isilon was breached.
“On behalf of the University, I sincerely apologise for this incident and thank our community for its patience and support,” said Vice-Chancellor and President, Professor George Williams.
“Our priority remains supporting and assisting our students, staff and stakeholders. We have set up a number of support services for them.”
The University has not received any threats to disclose private information or demands in exchange for maintaining privacy.
“The University has dark web monitoring in place and there is no evidence to date that the data has been uploaded. The University continues to engage with the authorities in relation to the perpetrator of the Isilon incident,” WSU said in a statement today.
“The University’s leadership and Board have taken a number of steps to remediate the issue and further protect staff and students, including completing a password reset, enhancing detection monitoring, implementing additional firewall protection, increasing the University’s cyber security team capacity, and reviewing data storage and retention practices.”
Based on its forensic investigation to date, the University has no evidence that this incident extends beyond the University’s Microsoft Office 365 and Isilon environments.
Troy Dodds
Troy Dodds is the Weekender's Managing Editor and Breaking News Reporter. He has more than 20 years experience as a journalist, working with some of Australia's leading media organisations. In 2023, he was named Editor of the Year at the Mumbrella Publish Awards.