HomeMalware & ThreatsData Breach Discovered by Western Sydney University

Data Breach Discovered by Western Sydney University

Published on

spot_img

Hackers have successfully breached the Western Sydney University’s storage platform and gained unauthorized access to a staggering 580 terabytes of data, including personal information belonging to both staff and students. The cyber incident, which was initially discovered in January, was the result of malicious actors exploiting the university’s Microsoft Office 365 environment.

According to a statement released by the university on Wednesday, the hackers managed to infiltrate the Isilon storage platform and accessed data stored in 83 out of the university’s 400 directories. This revelation comes on the heels of a previous notification where the university disclosed that about 7,500 students had their data compromised after malicious actors accessed their email accounts and SharePoint files. With a student population of 47,000 and over 4,500 staff members, the scale of the breach is significant.

The hackers first gained unauthorized access to the university’s Microsoft Office 365 environment in May 2023 and maintained their presence there until January. Furthermore, investigations suggest that the university’s Solar Car Laboratory infrastructure may have been utilized as part of the cyber incident. Subsequently, the hackers managed to breach the Isilon storage environment in July 2023 and continued to access data stored there until March 16, 2024.

The compromised data includes a wide range of personal identifiable information such as names, contact details, birthdates, health information, government identification documents, tax file numbers, bank account information, and superannuation details. Additionally, sensitive information related to workplace conduct, health, and safety matters was also exposed. The university refrained from disclosing the exact number of individuals affected by this breach.

Despite the severity of the incident, the university reassured that its day-to-day operations remain unaffected and that there have been no threats from the hackers to disclose private information in exchange for money. Furthermore, monitoring of the dark web did not yield any evidence of the stolen data being uploaded or traded on illicit platforms.

As the investigation into this cyber breach continues, Western Sydney University is working diligently to enhance its cybersecurity measures and prevent similar incidents in the future. The university has urged all staff and students to remain vigilant and report any suspicious activity to the appropriate authorities. This breach serves as a stark reminder of the persistent threats posed by cybercriminals and the importance of robust cybersecurity practices in safeguarding sensitive data.

Source link

Latest articles

Hackers Exploiting Image and Video Attachments for Malware Delivery

Cybercriminals have been developing new and sophisticated ways to deliver malware, with a recent...

LevelBlue Wins Top MSS Award from Frost & Sullivan

LevelBlue was recently honored with the prestigious Frost & Sullivan’s 2024 Best Practices Competitive...

Number of Victims Paying Ransom Hits Record Low

An incident response firm recently reported that the percentage of organizations opting to pay...

PrivatBank, Ukraine’s Largest Bank, Infected with SmokeLoader Malware

The financially motivated threat actor group UAC-0006 has been identified as the mastermind behind...

More like this

Hackers Exploiting Image and Video Attachments for Malware Delivery

Cybercriminals have been developing new and sophisticated ways to deliver malware, with a recent...

LevelBlue Wins Top MSS Award from Frost & Sullivan

LevelBlue was recently honored with the prestigious Frost & Sullivan’s 2024 Best Practices Competitive...

Number of Victims Paying Ransom Hits Record Low

An incident response firm recently reported that the percentage of organizations opting to pay...