Ethical Hacking News
A 27-year-old former Western Sydney University student has been charged with multiple counts of hacking after allegedly exploiting university systems to gain cheap parking and breaching data. The incident highlights the need for robust cybersecurity measures in educational institutions and serves as a stark reminder of the consequences of engaging in malicious activities.
A 27-year-old former WSU student, Birdie Kingston, has been arrested on multiple counts of hacking into the university's systems. The alleged offenses date back to 2021 and include unauthorized access, data exfiltration, system compromise, and misuse of university infrastructure. Kingston is accused of stealing over 100GB of confidential data from WSU systems, altering academic results, and threatening to sell stolen student data on darknet forums. The incident has raised concerns about the security measures in place at universities and the importance of robust cybersecurity measures to safeguard sensitive student information.
New South Wales police in Australia have arrested a 27-year-old former Western Sydney University (WSU) student, Birdie Kingston, on multiple counts of hacking into the university's systems. The alleged offenses date back to 2021, with Kingston's motives ranging from securing cheap parking to exploiting data breaches that affected hundreds of staff and students.
In May 2023, WSU first confirmed unauthorized access to its Microsoft Office 365 environment, exposing approximately 7,500 individuals. This incident marked the beginning of a series of cyber hacks involving unauthorized access, data exfiltration, system compromise, and misuse of university infrastructure. The university later disclosed in April 2025 that it had suffered two additional security incidents.
One incident involved the compromise of one of WSU's single sign-on (SSO) systems between January and February 2025, exposing around 10,000 students. Another incident saw stolen data belonging to members of the WSU community leaked on the dark web, which began in November 2024. The data breaches are estimated to have been carried out by Kingston, who allegedly escalated her hacking activities from manipulating parking access and academic records to threatening the sale of student data on the dark web.
According to reports, Australian media claim that police officially warned Kingston in September 2023, when she was still living on WSU campus. However, she reportedly wasn't deterred and continued her hacking activities against the university. The police investigation found computer equipment and mobile devices at Kingston's residence in Kingswood that may contain incriminating evidence.
The scope of Kingston's alleged offenses is substantial. She is accused of unauthorized access, data theft, system compromise, and misuse of university infrastructure since 2021. This includes stealing over 100GB of confidential data from WSU systems over the years, altering academic results, securing discounted parking at the University, threatening to sell stolen student data on darknet forums, and demanding a ransom payment in cryptocurrency worth $40,000.
WSU is a major educational institution with a wide range of undergraduate, postgraduate, and research programs for approximately 47,000 students. The university employs over 4,500 regular and seasonal staff members and operates on an annual budget of around $600 million (USD).
The arrest and charges against Kingston have sparked concerns about the security measures in place at universities and other educational institutions. As more and more data becomes accessible online, it is becoming increasingly difficult for organizations to protect themselves from cyber threats.
In light of this incident, WSU has experienced multiple security breaches since last year. It is essential that universities implement robust cybersecurity measures to safeguard sensitive student information and prevent unauthorized access to their systems.
The arrest and charges against Kingston serve as a stark reminder of the importance of cybersecurity awareness and the consequences of engaging in malicious activities such as hacking. While the motives behind Kingston's actions may have been driven by financial gain, it is crucial for individuals to understand that such actions are not only morally reprehensible but also carry severe legal penalties.
In this article, we will delve deeper into the details of Kingston's alleged offenses and explore the broader implications for universities, cybersecurity measures, and individual responsibility in preventing cyber threats.
Related Information:
https://www.ethicalhackingnews.com/articles/Ex-Student-Charged-for-Hacking-Universitys-System-to-Gain-Cheap-Parking-and-Exploiting-Data-Breaches-ehn.shtml
https://www.bleepingcomputer.com/news/security/ex-student-charged-over-hacking-university-for-cheap-parking-data-breaches/
Published: Thu Jun 26 12:37:17 2025 by llama3.2 3B Q4_K_M
