Lancaster University Hit By Data Thieves

Uploaded on 2019-07-29 in TECHNOLOGY--Hackers, FREE TO VIEW

Lancaster University has been subject to a sophisticated and malicious phishing attack which has resulted in breaches of student and applicant data. The matter has been reported to law enforcement agencies and we are now working closely with them. 

Lancaster University has said they are aware of two breaches of data:

1. Undergraduate student applicant data records for 2019 and 2020 entry have been accessed. This includes information such as their name, address, telephone number, and email address. We are aware that fraudulent invoices are being sent to some undergraduate applicants. We have alerted applicants to be aware of any suspicious approaches.  
2. A breach has also occurred of the student records system and the University says that at the present time they know of a very small number of students who have had their record and ID documents accessed. They are contacting those students to advise them what to do.

A number of UK universities have been hit by cyber-attacks and now Lancaster has reported their attack to the National Crime Agency and the Information Commissioner’s Office.

Lancaster University said it acted as soon as it became aware of breaches of student and applicant data on 19 July 2019 by setting up an incident response team and reporting the matter to the ICO.

A cyber phishing attack, using apparent emails from UK’s Lancaster University has resulted in a large amount of student personal data being stolen. Since the data theft fake invoices have been sent to undergraduates asking for money.
The National Crime Agency (NCA) said the university had suffered a "compromise of its systems".

In a statement, the university said it became aware of a breach on Friday and has been working to secure its systems.
It said the data included names, addresses, phone numbers and emails, linked to students who had applied to join the university in 2019 and 2020.

According to the report sponsored by VMware and Dell EMC, cyber-attacks on UK universities presents an increasing risk to national security, with 93% of university research commissioned by government and almost a third of that relating to national security. Since discovering the breaches, the university said it had focused on safeguarding its IT systems and identifying and advising students and applicants who have been affected.

“This work of our incident team is ongoing, as is the investigation by law enforcement agencies,” the university said in a statement.....We acted as soon as we became aware that Lancaster was the source of the breach on Friday and established an incident team to handle the situation."

‘It was immediately reported to the Information Commissioner’s Office. Since 19th July we have focused on safeguarding our IT systems and identifying and advising students and applicants who have been affected. This work of our incident team is ongoing as is the investigation by law enforcement agencies.’

Lancaster Univ:         BBC:          Computer Weekly:

You Might Also Read:

Students Blamed For University & College Cyber Attacks:

Fraudsters £350k Spoof University Emails:

 

« Cyberwar: Covert Cyber Attack Campaign Is Underway
Russia Hacked All US State Election Systems »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Wizard Computing

Wizard Computing

Wizard Computer Services is a full service IT solutions provider that offers managed services, consultation, installation, and support to small and large businesses in New England.

Alert Logic

Alert Logic

Alert Logic delivers unrivaled security for any environment, delivering industry-leading managed detection and response (MDR) and web application firewall (WAF) solutions.

Netskope

Netskope

Netskope, a global cybersecurity leader, is redefining cloud, data, and network security to help organizations apply Zero Trust principles to protect data.

PeCERT

PeCERT

PeCERT is the national Computer Emergency Response Team for Peru.

D3 Security

D3 Security

D3's Smart SOAR platform is at the forefront of the security automation revolution, helping clients around the world to rapidly identify, analyze, and resolve advanced threats.

Antiy Labs

Antiy Labs

Antiy Labs is a vender of antivirus engine and solution, providing the best-in-breed antivirus engine and next generation antivirus services for confronting PC malware and mobile malware.

CSIRT-IE

CSIRT-IE

CSIRT-IE is the body within the NCSC that provides assistance to constituents in responding to cyber security incidents at a national level for Ireland.

Fyde

Fyde

Fyde helps companies with an increasingly distributed workforce mitigate breach risk by enabling secure access to critical enterprise resources.

Swiss Cyber Think Tank (SCTT)

Swiss Cyber Think Tank (SCTT)

The Swiss Cyber Think Tank is a business network for Cyber Risk & Insurability, providing an industry-wide networking platform for insurers, technology and security firms.

Guardey

Guardey

Guardey protects thousands of SME's environments. Whether your team works at the office, at home, at the customer or remotely. We protect your business. We do this in an accessible and affordable way.

Buchanan Technologies

Buchanan Technologies

Buchanan Technologies is a leading IT consulting and outsourcing services firm. Our methodology transforms everyday technology investments into streamlined, secure and scalable solutions.

Xobee Networks

Xobee Networks

Xobee Networks is a Managed Service Provider of innovative, cost-effective, and cutting-edge technology solutions in California.

Pangu Laboratory

Pangu Laboratory

Beijing Qi an Pangu Laboratory Technology Co., Ltd. was established on the basis of Pangu laboratory, a well-known cyber security team.

Highen Fintech

Highen Fintech

Highen is a blockchain software development company with offices in the United States and development centers in India.

Silence Laboratories

Silence Laboratories

Silence Laboratories is a cybersecurity company that focuses on the fusion of cryptography, sensing, and design to support a seamless authentication experience.

Hubble

Hubble

Hubble grew from the idea that legacy solutions were failing to provide organizations with the asset visibility they needed to effectively secure and operate their businesses.