Lancaster Uni fesses up to 'sophisticated and 'malicious' cyberattack

Carly Page
@CarlyPage_
23 July 2019

Tweet
Facebook
Send to

LANCASTER UNIVERSITY has been schooled by hackers in a "sophisticated" incident affecting student and applicant data.

In a notice on its website, the University admits that it's been subject to a "sophisticated and malicious" phishing attack that has resulted in the compromise of data.

Undergraduate student application records for 2019 and 2020 were accessed in the breach, including information such as name, address, telephone number, and email address.

A sophisticated phishing attack has caused a breach of university data. This statement explains what's happened and how to get in touch if you have any concernshttps://t.co/NMvSGrrWT6
— Lancaster University (@LancasterUni) July 22, 2019

"We are aware that fraudulent invoices are being sent to some undergraduate applicants," the Uni fessed. "We have alerted applicants to be aware of any suspicious approaches."

The student records system was also breached in the attack and the university is contacting a "very small number" of students who have had record and ID documents accessed.

"We acted as soon as we became aware that Lancaster was the source of the breach on Friday and established an incident team to handle the situation," the University says, noting that it was "immediately reported to the Information Commissioner's Office.

"Since Friday we have focused on safeguarding our IT systems and identifying and advising students and applicants who have been affected. This work of our incident team is ongoing as is the investigation by law enforcement agencies."

Lancaster University is advising applicants, students and staff to contact them if they receive any suspicious communications via email. µ