Scroll Top

Cyberattack on University of Manchester exposes trauma and terrorist victim data, raises concerns over student and Alumni privacy


Cyberattack on University of Manchester exposes trauma and terrorist victim data, raises concerns over student and Alumni privacy
Breach highlights growing threat to Universities and healthcare Institutions

The University of Manchester, located in the United Kingdom, has recently suffered a severe cyberattack, resulting in the compromise of sensitive personal data belonging to approximately 1.1 million National Health Service (NHS) patients. The breach, discovered during the week of June 6, also affected students and alumni, raising concerns over the privacy and security of their personal information.

The university described the cyberattack as the work of a “criminal entity” that successfully accessed and copied the data. One of the most alarming aspects of the breach is the exposure of records pertaining to major trauma patients across England and individuals treated after acts of terrorism. These records were collected by the university for research purposes, making them highly sensitive and potentially compromising the privacy and safety of those affected.

In addition to the NHS data, student and alumni information was also compromised. The stolen data includes names, contacts, addresses, university IDs, and demographic information. The breach has caused significant disruptions to the university’s IT systems, leading to ongoing challenges for students, alumni, and staff.

Despite the severity of the incident, there is currently no evidence suggesting that bank or payment details were compromised. However, the University of Manchester advises affected individuals to contact their banks for guidance if they have concerns. The university is actively working to recover from the attack, but several services, such as the GlobalProtect VPN service for off-campus access, will remain unavailable until at least August 2023.

The university’s accommodation system for student housing has also been impacted, temporarily preventing students from making applications. Regular updates are being provided on the university’s website to keep students and alumni informed about the progress of the recovery efforts.

In response to the cyberattack, the University of Manchester is collaborating with various government entities, including the Information Commissioner’s Office, the National Cyber Security Center, the National Crime Agency, and other regulatory bodies. Cooperation with these organizations is crucial to investigate the incident, mitigate the damage, and enhance security measures to prevent future attacks.

This breach underscores the increasing threat faced by universities and healthcare institutions worldwide. According to Brett Callow, a threat analyst at security firm Emsisoft, post-secondary schools have become attractive targets for ransomware attacks since 2019, with numerous institutions falling victim to such attacks this year alone. The profitability of targeting these sectors has incentivized cybercriminals to continue their illicit activities.

To combat this problem, experts emphasize the need to alter the risk/reward ratio for cybercriminals. This includes increasing prosecutions against perpetrators and discouraging organizations from paying ransoms. A collaborative effort between educational institutions, healthcare providers, government agencies, and cybersecurity experts is essential to develop robust security frameworks and respond effectively to these threats.

It is worth noting that the University of Manchester has not disclosed the identity of the cybercriminal group responsible for the attack. This incident serves as a wake-up call for universities and healthcare institutions worldwide to prioritize cybersecurity, implement proactive measures, and foster a culture of resilience to safeguard the personal information and privacy of their stakeholders.

Related Posts

Leave a comment

You must be logged in to post a comment.
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.