Western Sydney University issued three takedown notices on file-sharing sites used to host data stolen in a breach of its single sign-on system (SSO).
The university said in an incident notification that data from the SSO hack was available via the file-sharing platforms for up to 16 days before being rendered inaccessible.
“Between June 4 and 8 2025, two open web posts and one dark web post went live, linking to three fileshare sites hosting a dataset available for download,” the university said.
“The university issued takedown notices to the two open web fileshare sites within hours of detection and by June 8 2025, those datasets had been removed. By June 20 2025, [a] third dataset was no longer accessible.
“The source of the datasets has been confirmed as the single sign-on incident.”
The university said the published dataset contained a broad amount of information, from personal details to identity document numbers, as well as government and study identifiers.
A sample of data was also published earlier in a dark web forum post, which – owing to the dark web’s nature – could not be taken down, and remains online.
The university apologised for the string of incidents it had suffered, while praising police actions that led to the arrest of a former student, who has been charged in connection with the hacks.
“Our university has been relentlessly targeted in a string of attacks on our network,” vice-chancellor and president George Williams said.
“This has taken a considerable toll on our community, and for that, I am deeply sorry.
“I’d like to thank the NSW Police who recently charged a former student from the university in relation to cyber offences.
“As that matter is now before the Court, I cannot make any further comment other than to say the university will continue to assist police with their investigations.”