University of Manchester Suffers Suspected Data Breach During Cyber Incident

Written by

The University of Manchester has been hit by a cyber-incident that has likely resulted in data being accessed by the attackers, the institution has confirmed in a statement published on June 9, 2023.

In the post, Patrick Hackett, chief operating office at the University of Manchester, confirmed that “some of our systems have been accessed by an unauthorized party and data have likely been copied.”

The attack was discovered earlier this week, on June 6.

Hackett added that the UK university is now working with in-house experts and external support to resolve the incident and understand what data has been accessed.

He also confirmed that the university is in contact with relevant authorities about the attack, including the UK’s data protection authority, the Information Commissioner’s Office (ICO), the National Cyber Security Centre (NCSC) and the National Crime Agency.

While investigations continue, students and staff have been advised to be vigilant to potential phishing attacks.

In the statement, the University of Manchester said: “We know this will cause concern to members of our community and we are very sorry for this. Our priority is to resolve this issue and provide information to those affected as soon as we are able to, and we are focusing all available resources.”

Universities and other education institutions have been heavily targeted by ransomware attacks in recent years, and research from 2022 found that each incident costs in excess of £2m on average to remediate.

In May 2022, the 157-year-old Lincoln College in Illinois, USA, was forced to close its doors after a ransomware attack left the school locked out of crucial data for student retention, recruiting and fundraising efforts.

The threat actor Vice Society has been particularly prevalent in attacking this sector recently, with numerous institutions impacted across the US and Europe.

Commenting on the attack, Raghu Nandakumara, senior director and head of industry solutions at Illumio, praised the University’s transparency and proactive approach to notifying and engaging authorities.

He noted that the sensitive and valuable data held by universities makes them a big target for malicious actors. “If data is found to have been compromised, then the potential impacts could be huge. Not only do Universities have a huge raft of personal data on students and staff, but they also conduct valuable sensitive research and have a variety of technology and devices connected to the University network which increases attack exposure,” Nandakumara said.

Andrew Whaley, senior technical director at Promon, said: “The university will need to act swiftly in order to assess the extent of the breach and identify what data sets have been copied. Moreover, they will need to do a lot of damage control once the dust settles. People don’t tend to like it when their data leaks, whether it was avoidable or not.”

Image credit: John B Hewitt /

What’s hot on Infosecurity Magazine?