Cyber Incident Victim: University of New South Wales
Date:
Sep 2015
Location:
Australia
Summary
The University of New South Wales experienced a compromise of its official Facebook page, where attackers posted inappropriate content including images of a pornographic actress, soft-core porn, and firearms alongside instructional material. The breach occurred shortly before a major university event, exposing its 360,000-follower page to offensive material that drew criticism from students and the public for damaging institutional credibility. Administrators were fully locked out during the incident, requiring escalated efforts to contact Facebook before regaining control and removing all unauthorized posts. The university acknowledged the disruption to its community and initiated an investigation to identify the breach's origin.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On September 4, 2015, the University of New South Wales (UNSW) experienced a security breach targeting its official Facebook page, which occurred shortly before the start of the university’s Open Day. Unauthorized actors posted multiple instances of inappropriate content, including graphic images of pornographic actress Mia Khalifa, explicit photographs focusing on women’s breasts and backsides, depictions of firearms, and instructional material related to French kissing. The compromised page, which had approximately 360,000 followers at the time, displayed this content publicly for an undetermined period before removal. The incident drew immediate reactions from the university community and social media users, with some criticizing UNSW’s cybersecurity posture as incompatible with its reputation as a top-ranked global institution and leading engineering school. Specific comments highlighted embarrassment over the timing during Open Day, while others responded with humor, suggesting hypothetical scenarios for the breach or making lighthearted remarks about transferring to UNSW.
UNSW administrators detected the breach early on the morning of the incident but were unable to regain control internally after being locked out of the account. After multiple unsuccessful attempts to resolve the issue independently, the university contacted Facebook’s support channels to request access restoration. Once control was reestablished, administrators systematically removed all unauthorized posts containing pornographic material and other inappropriate content. A university spokesperson confirmed the removal of the material and expressed concern about the incident’s impact on the UNSW community. The institution committed to investigating the source of the breach but did not publicly disclose technical details regarding the compromise method, attacker identity, or specific vulnerabilities exploited. No secondary compromises or impacts on other university systems were reported in connection with the Facebook page intrusion.