Edu Asia New,I am writing to notify you of a cyber incident that recently occurred at the University of Sydney.Last week we were alerted to suspicious activity in one of our online IT code libraries. We took immediate action to protect our systems and community by blocking the unauthorised access and securing the environment. While principally used for code storage and development, unfortunately there were also historical data files in this code library containing personal information about some members of our community. This incident is unrelated to yesterday’s student results issue.
We understand this news may cause concern, and we sincerely apologise for any distress this may cause. To our knowledge, the data has not been published.
Am I affected?
The unauthorised access includes a historical data file from a retired system containing personal information about staff employed at the University on 4 September 2018. This information includes the name, date of birth, phone number and home address of those staff as well as some basic job information (e.g. job title and employment dates).
While the data has been accessed and downloaded, there is currently no evidence it has been used or published. We are actively monitoring for any signs of use or publication and, should this occur, we will update you immediately.
We have provided further information below, including contacts for support and advice for securing your personal information online.
What action has the University taken?
We have notified relevant government authorities and are working with our cyber security partners to fully understand the scope of the situation. An investigation is underway and, given its complexity, we expect this process to continue into the new year. At this stage, the unauthorised access was limited to a single platform and did not affect other University systems.
What happens next?
Notifications to impacted individuals will commence today. We aim to complete notifications in January 2026, when we estimate the full assessment of file reviews will be completed and we have contact details for all impacted individuals. Responses to frequently asked questions have been published and updates will be made available on our website.
We will continue to keep you updated as the formal investigation progresses and directly contact affected current and former staff. We will also be communicating with other relevant members of our community, including some small cohorts of students and alumni.
We take our cyber security responsibilities seriously and have engaged expert partners to assist with incident response. Over the past three years, we have implemented an extensive program to review and strengthen our data management practices. We continue to enhance these processes to protect against similar incidents, with work ongoing under the Privacy Resilience Program. The identified datasets have been purged from the code library, and we are now investigating what further actions are necessary to ensure ongoing best practice.
