The University of Manchester is warning staff and students that they have suffered a cyberattack where threat actors have likely stolen data from the University’s network.
The University is a public research institute and one of the UK’s largest and most successful teaching and research centres, with over 10,000 staff and 45,000 students.
In a statement posted on its website, the University of Manchester said it discovered the breach on Tuesday June 6 and immediately launched an investigation.
“Unfortunately, I have to share with you the news that the University has been the victim of a cyber incident,” it read. the statement on the University website.
“It has been confirmed that some of our systems have been accessed by an unauthorized party and data may have been copied.”
The announcement further informs that internal experts and external support are working tirelessly to remedy the situation, determine exactly which systems were accessed, and work towards a timely system restore.
The University claims to have notified all relevant authorities, including the Information Commissioner’s Office, the National Cyber Security Center (NCSC) and the National Crime Agency, of the security and data breach.
“We know this is going to worry members of our community and we apologize. Our priority is to resolve this issue and provide information to those affected as soon as we can, and we are focusing all available resources,” presented his apologies to the University of Manchester.
The University has set up a separate service FAQs for the “cyberincident”, mainly dedicated to hosting safety tips for students and staff.
Currently, University members are not required to reset their passwords, but careful vigilance against potential phishing attacks is recommended.
On the subjects of who is responsible for the attack and whether sensitive research or personal data was stolen, the University limited itself to saying that the investigation is still ongoing and will inform the public as soon as more information is available. information will be available.
Additionally, the University of Manchester claims that its security incident is unrelated to the recent MOVEit Transfer data theft attacks or the associated data breach at Zellis.
Although the University’s statements don’t provide any additional details about the attack, BleepingComputer has learned from sources that it was ransomware.
However, we were unable to independently confirm this, and the University spokesperson declined to comment when asked by BleepingComputer.