The University of Manchester notified its employees and students that they experienced a cybercriminal attack, which could have resulted in losing information from the University’s network.
The affected academic institution is a public research entity, one of the United Kingdom’s largest and most successful educational systems. The University of Manchester has about 45,000 students and 10,000 faculty members.
The University of Manchester claimed that the attack occurred earlier this month.
According to the University of Manchester website, the cyberattack caused a data breach on June 6th, which they immediately addressed by launching an investigation. Unfortunately, the academic institution claimed the cybersecurity incident could affect their staff and students.
The initial investigation confirmed that some of the school’s systems experienced unauthorised access from an unknown threat group, which could have resulted in data exposure and data loss.
Furthermore, the University’s notification explained that their resident cybersecurity experts and external support group are having an ongoing remedial operation to determine the exact scope of the attack and what the actors accessed.
A University of Manchester representative also disclosed that they had notified relevant law enforcement agencies, such as the NCSC, the National Crime Agency, and ICC, about the security and data breach incident.
The institution is also aware that the incident will cause concern to the community members, which is why they are apologising. However, they will prioritise resolving the issue and provide further information to the affected individuals as soon as they finish the investigation. In addition, the University also assured everyone that they would put most of their resources into coming up with the solution soon.
The University of Manchester has established a separate FAQ page for cybersecurity incidents to cater to the questions students and employees ask. Additionally, the school admins have yet to require their members to reset their passwords; instead, they should be more vigilant against potential phishing attacks from threat actors.
Lastly, the University of Manchester could still not name the attackers responsible for the attack and what type of information they got. The University has no choice but to stick with its investigation since it could not release additional details about the status of the incident without concrete proof.
