Redazione RHC : 28 June 2025 07:29
New South Wales police have arrested a 27-year-old former Western Sydney University student who had repeatedly hacked into the university’s systems, including to obtain cheaper parking. Western Sydney University is one of Australia’s largest universities, offering a wide range of undergraduate, graduate and research degrees to 47,000 students. It employs more than 4,500 permanent and seasonal staff and has a budget of $600 million.
Local media report that the suspect is named as Birdie Kingston and is accused of unauthorised access, data theft and repeated compromises of university infrastructure since 2021, affecting hundreds of students and staff.“Since 2021, the University of Western Sydney has suffered a series of cyber attacks involving unauthorised access, data breaches, systems compromise and misuse of university infrastructure, including the threat of selling student information on the dark web,” police said in a press release . “It is estimated that hundreds of students and staff at the university have been affected by these incidents.”
Since last year, the university has repeatedly reported several cyber incidents. For example, in May 2024, unauthorized access to the Microsoft Office 365 environment, which began in May 2023, was confirmed, affecting the data of 7,500 people. In April 2025, the university reported two more cyber attacks. The first involved a breach of one of the university’s SSO systems and lasted from January to February 2025, resulting in the disclosure of data for around 10,000 students.
The second incident involved the leak of stolen university data onto the darknet, which occurred on 1 November 2024. Police have now said that Kingston, which faces 20 charges, may be behind these and other incidents. He says that during a search of his home, investigators found and seized computer equipment and mobile devices that may contain evidence. Kingston is believed to have started hacking his alma materto manipulate parking access, then moved on to academic records and threatened to sell student data on the dark web.
Australian media reports that police issued an official warning to Kingston in September 2023, when he was living on campus. However, he did not stop and continued his hacking activities. Journalists noted that over the course of several years, a certain hacker (who, it turns out, was Kingston):
“Western Sydney University is working with the New South Wales Police to support their investigation. These cyber incidents have had a significant impact on the university community and we are grateful for the police’s support. As the matter is currently before the courts, the university is unable to provide further comment,” the university told media.
Redazione