Western Sydney University warns of scam emails revoking degrees

Western Sydney University warned students and alumni about a sophisticated scam involving fraudulent emails falsely claiming that recipients’ academic degrees had been revoked and that they were permanently excluded from the university. These emails, which appeared very official and included students’ full names and ID numbers, caused significant alarm among recipients. WSU confirmed the emails were fake, not issued by the university, and reassured the community that enrollments and degrees remain unaffected. The university strongly advised recipients not to respond or click any links in these emails and alerted NSW Police, who are investigating the scam.
Investigations revealed that the scammers used personal data stolen in a previous cyberattack on the university’s Student Management System between June and September 2025. This compromised data included sensitive personal details such as names, dates of birth, identification numbers, contact information, and more. The incident highlights vulnerabilities in WSU’s cybersecurity defenses, raising concerns about data privacy and institutional transparency. The university is actively working to contain the situation and enhance its cybersecurity measures to prevent future breaches. Students and graduates are urged to remain vigilant and report any suspicious communications to official university channels.