Lancaster investigating cyberattack after applicant data stolen

Student and applicant data have been stolen in a ‘malicious and sophisticated’ phishing attack on Lancaster University

七月 23, 2019
Cyber attack

Student and applicant data have been breached in a “sophisticated and malicious” phishing attack on Lancaster University.

Undergraduate student applicant data records for 2019 and 2020 entry have been accessed, the university said.

These records include applicants’ names, addresses, telephone numbers and email addresses.

Lancaster said that it is “aware that fraudulent invoices” are being sent to some undergraduate applicants and the university has alerted applicants to be on the alert for any suspicious approaches.

There has also been a breach of the university’s student records system, and the university so far knows of a “very small number of students” who have had their record and ID documents accessed.

Lancaster is contacting the students involved to advise them what to do.

“We acted as soon as we became aware that Lancaster was the source of the breach on Friday and established an incident team to handle the situation,” said a university spokesman.

Since then, the university has “focused on safeguarding our IT systems and identifying and advising students and applicants who have been affected”, he added.

The attack has been reported to the Information Commissioner’s Office.

On 24 July, the National Crime Agency said that a 25-year-old man from Bradford had been arrested on suspicion of committing Computer Misuse Act and fraud offences, following the cyber incident affecting Lancaster.

Officers from the NCA’s National Cyber Crime Unit arrested the man and he has since been released under investigation while enquiries are ongoing.

nick.mayo@timeshighereducation.com

请先注册再继续

为何要注册?

  • 注册是免费的,而且十分便捷
  • 注册成功后,您每月可免费阅读3篇文章
  • 订阅我们的邮件
注册
Please 登录 or 注册 to read this article.