Triggered by threat actor’s mass emailing, the University of Manchester revealed more details about the incident – like what type of data was leaked and the investigations it’s working with.
Leaked data included the PII of current and former students and staff, but no financial or payment information was involved. Hackers, on the other hand, noted similar information in their emails, amounting to 7TB. Students and staff should be vigilant about incoming suspicious emails and advised not to interact with them.
The University of Manchester Data Leak
Weeks after the data breach incident, the University of Manchester has now created a new notification to reveal more facts about the situation – detailing what type of data is breached and the necessary cautionary procedures that victims should follow.
In it’s note, the University mentions the below data points were breached earlier this month;
- Names and contact details(address, telephone numbers, and email address)
- University ID numbers
- Dates of birth and gender
- Nationality, domicile, and ethnicity
- UCAS number and fee status
- UCAS disability code(where relevant)
For some students, the documents also included a summary of critical communications or other records relating to their university accommodation.
This is in line with the claims of the threat actor, who e-mailed university students and staff about the incident – possibly pushing the university to pay their demanded ransom. Many stakeholders said they received an email stating that their personal information, research data, medical data, police reports, drug test results, databases, HR documents and finance documents were leaked.
This data was reportedly stolen from a system used to help manage students’ university accommodation, University says. Further, the institution claimed to have informed all the impacted people and warned them to be vigilant of suspicious emails. If you ever encounter any such email, ignore it or report it to the concerned authorities.
The University says it’s investigating the incident with the Information Commissioner’s Office, the National Cyber Security Centre (NCSC), the National Crime Agency and other regulatory bodies.
Other Trending News:- News