The University of Sydney (USYD) has reported a data breach involving a third-party service provider, leading to the exposure of personal information for a subset of international applicants. The breach did not affect local students, staff, alumni, or donors.
Upon detecting the breach, USYD promptly initiated an investigation. Their findings indicate that the breach was confined to a specific platform, and fortunately, other University systems remained unaffected. The details of the accessed data and the nature of the attack on the third-party service have not been made public by the University.
As per the USYD statement, The breach appears to pertain to a limited segment of international students and applicants. We are in the process of gauging the full extent of this incident and are reaching out to the impacted students. We advise students and concerned applicants to adopt best practices to safeguard their information.
As of now, there’s no evidence suggesting misuse of the compromised personal information. In response to the incident, USYD has informed the necessary cyber security entities and the NSW Privacy Commissioner. They’ve urged students to stay alert to potential phishing threats and any unsolicited communication through email, text messages, or phone calls.