The University of Sydney on Thursday announced that hackers stole personal information pertaining to roughly 27,500 people from one of its online code libraries.
The compromised library, it said, was used for code storage and development, but contained historical data files likely used for testing purposes at the time the code was built.
Within these data files, the university identified personal information pertaining to staff employed in September 2018, including names, addresses, phone numbers, dates of birth, and basic job details.
“While the data has been accessed and downloaded, there is currently no evidence it has been used or published,” the university says in an incident notice.
Individuals impacted by the data breach include 10,000 current and 12,500 former staff and affiliates associated with the university in September 2018.
The stolen files also included historical data from 2010-2019, pertaining to around 5,000 alumni and students and six supporters, the higher education institution said.
“We are actively monitoring for any signs of publication or dissemination of this information and will continue to do so. If we discover any such publication, we will contact staff again as an immediate priority,” the university says.
The University of Sydney notified the relevant authorities of the attack and has been working with cybersecurity partners to investigate the full scope of the incident.
“An investigation is underway and, given its complexity, we expect this process to continue into the new year. At this stage, the unauthorized access was limited to a single platform and did not affect other university systems,” it says.
The institution began notifying the affected individuals on Thursday and expects to complete the notifications in January 2026.
Related: 113,000 Impacted by Data Breach at Virginia Mental Health Authority
Related: 700Credit Data Breach Impacts 5.8 Million Individuals
Related: Fieldtex Data Breach Impacts 238,000
