**University of Sydney Discloses Data Breach Impacting 27,000 People**
A serious security breach has rocked the University of Sydney, with hackers gaining unauthorized access to an online code library and stealing personal data linked to approximately 27,500 individuals. The affected group includes current and former staff, affiliates, students, and alumni.
The University of Sydney confirmed that the breach occurred when threat actors accessed an online code library used for code storage and development. Unfortunately, this repository also contained historical data files, which were compromised as a result of the unauthorized access. The exposed files included personal information of approximately 10,000 current staff members, 12,500 former staff members, and roughly 5,000 alumni and students.
According to the University's breach notification, the stolen data includes sensitive information such as names, dates of birth, phone numbers, home addresses, and basic job information. While there is currently no evidence that the accessed data has been misused or made public, the university is actively monitoring the situation and will promptly inform affected individuals if any signs of use or publication emerge.
Interestingly, this incident appears to be unrelated to a recent student results issue affecting the University. In September 2023, the University of Sydney announced that a data breach suffered by a third-party service provider exposed the personal information of recently applied and enrolled international applicants. However, an investigation revealed that only a limited number of individuals had their personal data compromised.
**What Happened?**
In a statement, the University explained that on [date], unauthorized access was detected in one of its online code libraries. Immediately after discovering the breach, the university took action to protect its systems and community by blocking the unauthorized access and securing the affected environment.
**What Data Was Compromised?**
The compromised repository contained historical data files dating back to 2010-2019, which included personal information about:
* **10,000 current staff members**: Name, date of birth, phone number, home address, and basic job information. * **12,500 former staff members**: Similar information as above. * **5,000 alumni and students**: Mostly names, dates of birth, and basic contact information.
**What's Next?**
The University is working closely with cybersecurity partners to investigate the incident and assess its full impact. The institution has reported the breach to authorities and is committed to keeping affected individuals informed about any developments in the case. Notifications to impacted individuals are expected to commence today and will be completed by January 2026, when a thorough assessment of file reviews will be completed.
**Tips for Affected Individuals**
In light of this incident, the University has provided general advice on precautions that can be taken to reduce the risk of accessed data being misused:
* Be cautious about opening unsolicited emails or attachments. * Regularly monitor your financial accounts and credit reports for any suspicious activity. * Change passwords for all online accounts, especially those containing sensitive information. * Consider implementing two-factor authentication on sensitive accounts.
The University has emphasized that it will continue to prioritize the security of its systems and community. By staying vigilant and taking proactive steps to protect personal data, individuals can minimize their risk in the event of a breach like this one.