The University of Sydney (USYD) announced that a breach at a third-party service provider exposed personal information of recently applied and enrolled international applicants.
The public university started operations in 1850 and has nearly 70,000 students and about 8,500 academic and administrative personnel. It is considered one of Australia’s most important educational institutes.
In the data breach announcement, the university says that incident had a limited impact and the preliminary investigation found no evidence that local students, staff, or alumni have been impacted.
“The issue was isolated to a single platform and had no impact on other University systems. There is currently no evidence that any personal information has been misused” – University of Sydney
It is unclear if the intruder picked the time of the attack deliberately or it was an opportunistic endeavor.
The university says that impacted impacted will be contacted and receive the required support to mitigate the risk of exposure.
Regarding the data that the attacker accessed, USYD says it’s still in the process of determining that and urges all international applicants to follow the guidance provided on this web page.
For any other questions or to report suspicious communications like phishing attempts, students are advised to email ict.support@sydney.edu.au.
The public disclosure does not clarify when the breach occurred or what third-party service was hacked.
At this time, there are no announcements about a disruption in USYD’s systems, however, students should remain vigilant and treat unsolicited communications with caution.
Earlier this week, the University of Michigan announced it had to shut down its operation-critical systems to deal with a serious cybersecurity incident.
In June, the University of Manchester suffered a data breach where hackers stole an undefined amount of data from its networks.
Further back in 2023, ransomware gangs attacked and disrupted the operations of the Queensland University of Technology, the Open University of Cyprus, and the Bluefield University.
Source: https://www.bleepingcomputer.com/news/security/university-of-sydney-data-breach-impacts-recent-applicants/