The Australian National University (ANU) said it detected the breach two weeks ago and is working with security agencies to investigate further.
ANU – which suffered a similar incident last year – said the hack was carried out by “a sophisticated operator”.
The university said “significant amounts” of data had been affected.
“We believe there was unauthorised access to significant amounts of personal staff, student and visitor data extending back 19 years,” Vice Chancellor Brian Schmidt said in a statement.
“We’re working closely with Australian government security agencies and industry security partners to investigate further.”
Data including personal contact details, payroll information, bank account details, passport details and student academic records were accessed.
The university said the systems that stored information such as credit card details and medical records had not been affected.
“As you know, this is not the first time we have been targeted. Following the incident reported last year, we undertook a range of upgrades to our systems to better protect our data. Had it not been for those upgrades, we would not have detected this incident,” Mr Schmidt said.
At the time, some local media said hackers based in China had been behind the data breach. China has consistently denied being involved in any hacking attacks.
The Australian government has also faced a number of cyber-attacks in recent years, some of which have been also attributed in local media to nations such as China. China has denied those accusations.