University of Nottingham Student Data Accessed in Cyber-Attack, Financial Information Exposed

A prominent cyber-criminal organisation has accessed a substantial volume of personal student data held by the University of Nottingham. The university disclosed that the group is believed to have obtained information, including financial details, pertaining to current students and alumni from its record system.

Jason Carter, Chief Governance and Risk Officer, informed affected individuals via email that the perpetrators, who have a history of targeting other organisations, were likely responsible for the breach. The university issued an apology for "any anxiety" caused to those impacted.

The unauthorised access to the Campus Solutions system was identified on Tuesday, with all affected students and alumni subsequently notified. The university is collaborating with Action Fraud, the Information Commissioner's Office, and other regulatory bodies to ascertain the full extent of the data breach and is committed to providing ongoing updates.

The incident follows the university's announcement of a proposed reduction of 609 full-time equivalent roles over three years, impacting 2,700 staff. This measure is attributed to "changing sector demands" and associated "financial challenges," which has led to a marking and assessment boycott by the University and College Union (UCU).