The University of Wollongong has confirmed that some staff and students were at risk of having their private information accessed by hackers in late December.
Subscribe now for unlimited access.
$0/
(min cost $0)
or signup to continue reading
Vice-Chancellor Patricia Davidson has apologised to those affected and said the university had boosted its IT security.
The university has opted not to reveal how many people's data was compromised, only saying it was a "discrete group".
In a statement, UOW said it was giving "personalised guidance to a discrete group of staff and students after an investigation found a limited amount of personal information could have potentially been accessed".
"A thorough investigation has now been completed, with the assistance of external experts, which has determined that an unknown third party accessed an isolated part of UOW's IT environment without authorisation," the statement said.
"UOW's investigation has identified that some personal information relating to a group of individuals might potentially have been impacted and could present a risk of data misuse."
Everyone affected was given details of their compromised data, and advised about their risks and actions they can take to mitigate those risks, UOW said.
"UOW has found no evidence of any misuse of individuals' data," the statement said.
Professor Davidson said the university acted quickly to contain the cyber attack, which "may be concerning to some within our community."
"We have also taken substantial measures to further enhance our security infrastructure to prevent future incidents," she said.
"I sincerely apologise for any distress or inconvenience and want to reiterate our commitment to making sure impacted staff and students have all the information and support that they need."
The university is providing support through staff and student help desks and an information page on the UOW website, and has partnered with Australia's national identity and cyber support community service IDCARE.
It has also been in communication with the NSW Information and Privacy Commissioner and relevant cyber security agencies.