University of Sydney data breach exposed personal information of 27,000 individuals

A data breach last week at the University of Sydney has exposed the personal information of approximately 27,000 people, the Australian institution announced Thursday.

Administrators at the university, which enrolls approximately 78,000 students, notified the public that the data breach affected one of its online IT code libraries.

“While principally used for code storage and development, unfortunately there were also historical data files in this code library containing personal information about some members of our community,” the university’s announcement read.

Those affected include about 10,000 current staff and affiliates, 12,500 former staff and affiliates, and about 5,000 alumni and students. The university said it is “carefully working through the data to identify all members” affected.

The university also said it’s providing numerous services for its students following the breach, such as counseling and emergency and protective services. The university’s announcement also points to several government programs, such as one providing identity theft protection and another providing mental health support.

Data breaches affecting universities and their vendors have become common. A Princeton University database breach in November compromised personal information. And this month the Federal Trade Commission ordered the edtech firm Illuminate Education to improve its data security program after a 2021 data breach that involved more than 10 million student records.