Western Sydney University SSO system breached

Western Sydney University has experienced its fourth cyber incident in two years, this time affecting the data of 10,000 current and former students after an unspecified “single sign-on system” was breached.

The university said in a statement that “unauthorised access” to the single sign-on system was gained in January and February of this year.

“Demographic, enrolment and progression information” of “approximately 10,000 current and former students” was impacted.

The university intends to start notifying affected individuals next week.

It said that once the breach was detected, it worked with its internal cyber team and third-party resources “to shut down the perpetrator’s access to the system in real-time.”

The university said it is also investigating a dark web forum post from November that appeared to contain “personal information from the university community”.

The origin of the information is unclear. However, it appears it could be related to previous cyber incidents that impacted the university.

It experienced three cyber incidents in the calendar year 2024.

Following in the footsteps of other breached organisations, the university said it had been granted an interim injunction in the NSW Supreme Court “to prevent access, use, transmission and publication of any data associated with the” dark web post.

Vice-chancellor and president, Distinguished Professor George Williams, acknowledged the university’s multiple run-ins with threat actors.

“Western Sydney University has been the subject of persistent and targeted attacks on our network,” he said.

“The university is very aware of the personal impact these incidents are having on its students, staff and wider community.

“On behalf of the university, I apologise to our community. Our teams are working hard to respond and strengthen our digital environment.”

Williams added that the higher education sector generally was also being targeted and that Western Sydney University “is not immune to this evolving threat landscape.”