May 21, 2024 at 03:45PM
Western Sydney University (WSU) suffered a data breach in its Microsoft 365 and Sharepoint environment. The breach affected 7,500 individuals, leading to the unauthorized access of email accounts and SharePoint files. Following investigations, the university confirmed no threats to disclose accessed information. There are measures in place to prevent further incidents, and support services have been made available.
From the meeting notes, it is clear that Western Sydney University (WSU) has experienced a significant data breach involving its Microsoft 365 and Sharepoint environment. The breach, which occurred in May 2023, was only discovered later in January 2024. Approximately 7,500 individuals are confirmed to be impacted, and the university is taking steps to provide personalized notices to these individuals. Although there are ongoing investigations, the university has emphasized that its core operations have not been impacted, and it does not expect any disruptions to its academic and research programs. Additionally, WSU has implemented security measures to prevent similar incidents from happening in the future and has obtained an injunction from the NSW Supreme Court to prevent the dissemination of any stolen data. Despite the lack of specific details about the nature of the security incident, WSU has stated that it does not appear to involve system encryption or extortion based on threats to leak stolen data. As of now, no ransomware or extortion groups have claimed responsibility for the attack, leaving the perpetrators unknown. The university is offering support to impacted students and personnel through a dedicated phone line and is engaging with Australia’s national identity and cyber support service, IDCARE.