University of Manchester suffers cyberattack, data likely copied
The University of Manchester has experienced a cyberattack on its computer systems, with data believed to have been copied by the perpetrators. The specifics of the accessed information remain unclear, but staff and students have been advised to remain vigilant for any suspicious emails. The National Cyber Security Centre (NCSC) and National Crime Agency are among the organisations collaborating with the university’s experts to address the situation.
In a statement, the university said, “We are working to understand what data have been accessed and will update you as more information becomes available.” The institution has apologised for the breach, which is currently under investigation. Their priority is to resolve the issue and provide information to those affected while focusing all available resources.
Both the university and the NCSC have warned those potentially impacted to be cautious of phishing emails, a common method used by online fraudsters. To spot a scam email, users should look for irregular email addresses, misspellings, and unusual formatting, and avoid clicking any links if they have suspicions.
Muhammad Yahya Patel, lead security engineer at Check Point Software, emphasised the importance of universities implementing a “robust” cybersecurity strategy. “The education sector is heavily targeted by cyberattacks owing to the value and volume of data they hold,” he said, adding that investment in education for a strong cybersecurity strategy is often lacking.
This incident coincides with a series of cyberattacks on British institutions and businesses this year, including the BBC, Boots, and British Airways (BA). Other targets have included Royal Mail, WH Smith, and JD Sports. Many of the attacks have been linked to Russia, with the breach against the BBC, Boots, and BA having been executed by the cyber gang Clop.
Brett Callow, an analyst at cybersecurity firm Emsisoft, described the University of Manchester breach as “potentially one of the most significant breaches of recent years”. Last month, British companies were urged to strengthen their cybersecurity to protect the nation from “ideologically motivated, rather than financially motivated” adversaries targeting the UK.