The University of Western Australia has revealed a data breach that may have compromised the personal information and grades of current and past students.
The university notified students and alumni of the breach of its Callista student information system on Friday, as investigations into the extent of the “random attack” continue.
Callista is used by numerous education institutions across Australia, including Monash University and Edith Cowan University.
“UWA has detected unauthorised login activity to Callista, the university’s student information management system,” vice-chancellor Amit Chakma said in a letter seen by iTnews.
“The university is currently investigating this data breach and unauthorised access. The incident has also been reported to the Western Australian Police for investigation.”
The university said personal information held in Callista that was accessed included names, residential addresses, phone numbers, email addresses, course details and photos.
Emergency contact details were also exposed, potentially extending the impact of the data breach beyond current and present students.
The university said no credit card details, tax file numbers, medical records, passports or bank information were stored in the system.
Affected individuals have been urged to remain “vigilant about where you store your data” and be “alert to suspicious activity”.
The data breach notification comes a week after the Western Australian and Culture Trust (WA ACT) said some of its customer data may have been exposed in a breach of its email service provider.
WA Act manages arts and entertainment venues across WA, including His Majesty’s Theatre, Subiaco Arts Centre, State Theatre Centre of Western Australia and Albany Entertainment Centre.
