Student details and photos have been exposed in a University of WA data breach. 

The University of Western Australia has notified students and alumni of a data breach affecting the personal information and grades of current and past students on its Callista student information system.

Several major Australian universities also use Callista. Personal information held in the system includes names, residential addresses, phone numbers, email addresses, course details and photos.

Emergency contact details were also exposed in what the university describes as a “random attack”. No credit card details, tax file numbers, medical records, passports or bank information were stored in the system.

“UWA has detected unauthorised login activity to Callista, the university’s student information management system,” vice-chancellor Amit Chakma said in a letter, according to reports.

“The university is currently investigating this data breach and unauthorised access. The incident has also been reported to the Western Australian Police for investigation.”