Western Sydney University recently experienced a significant cybersecurity breach, resulting in fraudulent emails being sent to students and alumni. These emails falsely claimed that recipients’ degrees had been revoked and that they were permanently excluded from further studies at the university. Some emails even contained official university links and accurate personal details, causing considerable stress and anxiety among those affected.
The university, which has campuses across Sydney, acknowledged the fraudulent nature of these emails and confirmed that they were not issued by the institution. The breach has prompted an investigation by the NSW Police Cybercrime Squad, and individuals who believe their information may have been compromised are encouraged to report the issue.
Additionally, students reported receiving emails from a suspicious address named “Parking Permits,” which claimed a security vulnerability had been exploited to create false parking permits. The incident has highlighted ongoing security weaknesses within the university’s systems.
This breach follows a previous incident earlier this year, where the personal data of approximately 10,000 students was leaked on the dark web. A former student was charged in connection with that attack and appeared in court in August. The university is currently unable to provide further comments due to the ongoing police investigation.
