{"id":9336,"date":"2025-12-19T10:00:30","date_gmt":"2025-12-19T10:00:30","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/12\/19\/university-of-sydney-hacked-students-and-staff-data-exposed\/"},"modified":"2025-12-19T10:00:30","modified_gmt":"2025-12-19T10:00:30","slug":"university-of-sydney-hacked-students-and-staff-data-exposed","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/12\/19\/university-of-sydney-hacked-students-and-staff-data-exposed\/","title":{"rendered":"University of Sydney Hacked \u2013 Students and Staff Data Exposed"},"content":{"rendered":"

University of Sydney Hacked \u2013 Students and Staff Data Exposed
\n \t

\n
<\/BR>
\n
\n \t

\n
<\/BR><\/p>\n

\n

The University of Sydney has confirmed a significant data breach<\/a> affecting thousands of current and former staff members, as well as students and alums.<\/p>\n

In a message to the university community, Vice-President (Operations) Nicole Gower revealed that suspicious activity was detected in an online IT code library last week.<\/p>\n

While this digital storage space was meant for software development, it also contained old files with sensitive personal information.<\/p>\n

Hackers gained unauthorized access<\/a> to a \u201ccode library,\u201d a place where developers store and test computer code. The university\u2019s security team detected the intrusion and immediately blocked the access.<\/p>\n

Although the breach has been stopped, an investigation showed that the intruders downloaded historical files. These files were likely used for testing purposes years ago but were never removed.<\/p>\n

Notably, the university clarified that this cyber-attack<\/a> is\u00a0not\u00a0related to a separate technical issue involving student results that occurred earlier this week. The breach exposed personal details for thousands of people.<\/p>\n

According to the university, the stolen data includes: Names, Dates of birth, Phone numbers, home addresses, Job titles, and employment dates.<\/p>\n

Currently, officials state there is no evidence that the stolen data has been published online or used for fraud. However, the risk remains, and the university is monitoring<\/a> the situation closely.<\/p>\n

The breach impacts three main groups, totaling over 27,000 individuals:<\/p>\n

\n\n\n\n\n\n\n\n
Affected Group<\/th>\nApproximate Number<\/th>\nDetails<\/th>\n<\/tr>\n<\/thead>\n
Current Staff<\/td>\n~10,000<\/td>\nEmployees working at the university as of September 4, 2018<\/td>\n<\/tr>\n
Former Staff<\/td>\n~12,500<\/td>\nFormer employees who worked there as of the same 2018 date<\/td>\n<\/tr>\n
Students and Alumni<\/td>\n~5,000+<\/td>\nStudents and graduates (mainly from 2010\u20132019), plus a small number of supporters<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n

University Response and Next Steps<\/strong><\/h2>\n

The University of Sydney has launched a significant investigation that is expected to continue into January 2026.<\/p>\n

They have also notified<\/a> government authorities, including the Australian Cyber Security Centre and the NSW Privacy Commissioner.<\/p>\n

\u201cWe understand this news may cause concern, and we sincerely apologise for any distress this may cause,\u201d said Nicole Gower. Notifications to affected individuals began today.<\/p>\n

The university aims to contact everyone impacted by January 2026. Security experts recommend that anyone potentially affected take the following simple steps to stay safe:<\/p>\n