By Cyber Guard Team 
Western Sydney University has faced another cybersecurity breach, impacting approximately 10,000 current and former students. The breach occurred through the university’s single sign-on (SSO) system in January and February 2025. The stolen data included demographic, enrolment, and course progression information.
The university acted swiftly to shut down unauthorized access and launched an investigation, involving internal and third-party cyber experts. The breach has been referred to the NSW Police for further investigation. Vice-Chancellor Professor George Williams apologized for the incident, acknowledging the personal impact on the university community.
This is not the first time Western Sydney University has been targeted. In 2024, a significant breach exposed 580 terabytes of sensitive data, including names, contact details, health information, government IDs, tax file numbers, and bank account details. The data was stolen through vulnerabilities in Microsoft Office 365 and Dell’s storage platform, Isilon. The university obtained a court injunction to prevent the use or publication of the stolen data.
These incidents highlight the persistent and targeted attacks on the university’s network, emphasizing the need for robust cybersecurity measures to protect sensitive information.
Register Now