A recent cyberattack on the University of Manchester has raised student concerns. As hackers have initiated communication, warning of an imminent data leak. Despite an unpaid extortion demand, the ransomware group responsible for the attack. They begun to email students, indicating that their personal information will soon be made public.
In an email shared with BleepingComputer, the threat actors revealed that they had successfully breached the manchester.ac.uk network on June 6, 2023. Alarming statements within the email disclosed the theft of a substantial amount of data, estimated to be approximately seven terabytes. The compromised information encompasses confidential personal details of students and staff. The stole information also include research data, medical records, police reports, drug test results, databases, financial records, and more.
University’s Response to the Cyberattack
After receiving these distressing emails, several students promptly reported the matter to the University’s official Twitter account. In response, they were advised to forward a sample email to the institution’s IT department for further investigation and analysis.
On June 9th, the University of Manchester initially disclosed the cyberattack, alerting individuals that data had potentially been stolen. However, no specific details regarding the nature of the attack were initially provided. Subsequent inquiries by BleepingComputer revealed that the incident involved a ransomware infection.
To clarify any misconceptions, the University of Manchester asserted that this attack was unrelated to the recent data theft incidents. These was involving MOVEit Transfer or the associated data breach at Zellis. It appears that the perpetrators behind this cyber assault employed a ransomware strategy, typically involving data exfiltration before encrypting devices. This stolen data becomes a key component of a double-extortion scheme. Whereby the threat actors threaten to expose the information unless a ransom is paid. These types of cases are rising.
Uncertainty Surrounding the Data Leak Attack
Despite the absence of a ransomware gang claiming responsibility for the attack on the University of Manchester, the situation remains precarious. If the hackers follow through with their threats and publish the stolen data on a public leak site, more information about the attack will emerge.
BleepingComputer reached out to the University of Manchester seeking clarification on the situation. However, at the time of reporting, no response had been received.
In conclusion, the University of Manchester is grappling with the aftermath of a distressing cyberattack. Students have been directly informed of the impending data leak by the hackers themselves, who are holding the stolen information hostage. As the University assesses the extent of the breach and investigates potential solutions, students and staff must remain vigilant and cooperate with the institution’s IT department to mitigate any further damage or unauthorized access to sensitive data.
