A former student has been charged over an extended series of security breaches linked to the Western Sydney University cyberattack that has affected the institution since 2021. According to police, the university endured repeated unauthorized access, data exfiltration, system compromises, and the misuse of its infrastructure, activities that also involved threats to release student information on the dark web. Authorities estimate that hundreds of staff and students have been impacted over the course of the breaches.
Detectives worked with Western Sydney University, the AFP’s Joint Policing Cyber Coordination Centre (JCP3), and external cybersecurity specialists to trace the intrusions. Their investigation led to a 27-year-old woman, a former student of the university, who was first arrested and charged in June.
The Complex Case of the Western Sydney University Cyberattack
Despite the earlier arrest, police allege the student continued offending, sending more than 100,000 fraudulent emails to students to damage the university’s reputation and cause distress. As part of the continuing inquiry into the cyberattack on Western Sydney University, detectives executed a search warrant in North Kellyville, where the student was again arrested. Officers stated that she possessed a mobile phone modified to function as a computer terminal, allegedly used in cyber offences.
She was taken to The Hills Police Station and charged with multiple offences, including two counts of unauthori
Source: https://thecyberexpress.com/western-sydney-university-cyberattack-update/
Western Sydney University - School of Humanities and Communication Arts cybersecurity rating report: https://www.rankiteo.com/company/humanitiescommsarts-wsu
"id": "HUM1764928995",
"linkid": "humanitiescommsarts-wsu",
"type": "Breach",
"date": "6/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': 'Hundreds of staff '
'and students',
'industry': 'Education',
'location': 'Australia',
'name': 'Western Sydney University',
'size': None,
'type': 'Educational Institution'}],
'attack_vector': ['Initial Access Broker', 'Phishing Emails'],
'data_breach': {'data_encryption': None,
'data_exfiltration': True,
'file_types_exposed': None,
'number_of_records_exposed': None,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High (Personally '
'Identifiable '
'Information)',
'type_of_data_compromised': ['Student '
'Information']},
'date_detected': '2021',
'description': 'A former student has been charged over an '
'extended series of security breaches linked to '
'the Western Sydney University cyberattack that '
'has affected the institution since 2021. The '
'university endured repeated unauthorized access, '
'data exfiltration, system compromises, and the '
'misuse of its infrastructure, including threats '
'to release student information on the dark web. '
'The attacker also sent over 100,000 fraudulent '
'emails to students to damage the university’s '
'reputation and cause distress.',
'impact': {'brand_reputation_impact': 'Significant (fraudulent '
'emails, threats to '
'release data)',
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': True,
'downtime': None,
'financial_loss': None,
'identity_theft_risk': True,
'legal_liabilities': None,
'operational_impact': 'Repeated unauthorized access '
'and system compromises',
'payment_information_risk': None,
'revenue_loss': None,
'systems_affected': ['University Infrastructure']},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': 'Threatened',
'entry_point': None,
'high_value_targets': None,
'reconnaissance_period': None},
'investigation_status': 'Ongoing',
'motivation': ['Reputation Damage', 'Distress', 'Data Extortion'],
'post_incident_analysis': {'corrective_actions': None,
'root_causes': None},
'ransomware': {'data_encryption': None,
'data_exfiltration': True,
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'references': [{'date_accessed': None,
'source': 'Police Report',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': 'Multiple charges '
'filed against the '
'threat actor',
'regulations_violated': None,
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': None,
'containment_measures': None,
'enhanced_monitoring': None,
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': 'External cybersecurity '
'specialists'},
'threat_actor': 'Former Student (27-year-old woman)',
'title': 'Western Sydney University Cyberattack',
'type': ['Unauthorized Access',
'Data Exfiltration',
'System Compromise',
'Phishing']}