Cyber Incident Victim: University of Western Australia
Date:
Aug 2025
Location:
Australia
Summary
The university experienced a cyber attack that exposed password information for thousands of staff and students. All accounts were locked and passwords reset, with no evidence that other data was accessed. Classes continued normally while IT teams worked to restore access and provided assessment extensions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The University of Western Australia detected a cybersecurity incident on Saturday night when unauthorised access to password information was identified. Upon detection, the university immediately locked staff and student accounts out of the system and initiated a password reset process for all affected users over the weekend. The university’s chief information officer, Fiona Bishop, confirmed that a critical incident management team was activated to begin countermeasures following the discovery of the breach. She stated that the university’s IT and many teams worked tirelessly overnight on Saturday and through the weekend to lock and reset all students’, staff and visitor passwords. The university urged all staff, students and visitors to change their passwords as part of the immediate response.
The university emphasized that there was no evidence to suggest any information aside from passwords had been accessed during the incident. Fiona Bishop described the breach as being like “following footprints in the sand,” indicating the limited nature of the accessed data. She expressed that she was “exceptionally pleased” with the responsiveness of the university’s IT teams and digital experts in handling the incident. The university advised that staff and students had been provided a three‑day extension to student assessments to accommodate the password reset process. The university stated that it did not expect interruptions to teaching and that classes could proceed as planned despite the ongoing password reset efforts.
Fiona Bishop noted that the university would continue to provide support for password resetting over the course of the next couple of days as people continued to need assistance. The university indicated that it was boosting its cybersecurity measures amid what it described as rising threats to the higher education sector. Classes continued as normal while the investigation into the breach remained ongoing. The university maintained that it would continue to monitor and support users as they regained access to their accounts after the password resets.