Western Sydney University targets file-sharing sites hosting stolen data

Western Sydney University issued three takedown notices on file-sharing sites used to host data stolen in a breach of its single sign-on system (SSO).

The university said in an incident notification that data from the SSO hack was available via the file-sharing platforms for up to 16 days before being rendered inaccessible.

“Between June 4 and 8 2025, two open web posts and one dark web post went live, linking to three fileshare sites hosting a dataset available for download,” the university said.

“The university issued takedown notices to the two open web fileshare sites within hours of detection and by June 8 2025, those datasets had been removed. By June 20 2025, [a] third dataset was no longer accessible.

“The source of the datasets has been confirmed as the single sign-on incident.”

The university said the published dataset contained a broad amount of information, from personal details to identity document numbers, as well as government and study identifiers.

A sample of data was also published earlier in a dark web forum post, which - owing to the dark web’s nature - could not be taken down, and remains online.

The university apologised for the string of incidents it had suffered, while praising police actions that led to the arrest of a former student, who has been charged in connection with the hacks.

“Our university has been relentlessly targeted in a string of attacks on our network,” vice-chancellor and president George Williams said.

“This has taken a considerable toll on our community, and for that, I am deeply sorry.

“I’d like to thank the NSW Police who recently charged a former student from the university in relation to cyber offences. 

“As that matter is now before the Court, I cannot make any further comment other than to say the university will continue to assist police with their investigations.”