University of Manchester admits cyber incident "likely" led to data theft

University of Manchester rooftop’s on Oxford Road in Manchester, England - an aerial photograph
(Image credit: Getty Images/Eric Latham)

The University of Manchester has revealed it has fallen victim to a “cyber incident” but has denied links to the recent breach at payroll provider Zellis.

In a statement today, the university said it had suffered a security breach and confirmed that some systems had been accessed by an unauthorized third party. 

University data had “likely been copied” during the breach, it said, and at this stage, exact details on what data has been compromised is yet to be revealed. 

Staff have also been advised to refrain from downloading files from university systems in an attempt to back them up.

“Our in-house experts and established expert external support are working around the clock to resolve this incident,” said Patrick Hackett, COO at the University of Manchester. 

“We are working to understand what data has been accessed and will update you as more information becomes available.”

The university is working with the Information Commissioner’s Office (ICO), the National Cyber Security Centre (NCSC), and National Crime Agency (NCA) as part of its investigation into the breach. 

Incident not linked to MOVEit, Zellis breaches

Asked about potential links to the developing attacks involving UK payroll provider Zellis, of which the University of Manchester is a customer, it confirmed to ITPro that “there is no known link to other incidents involving MOVEit”.


Whitepaper cover with two colleagues at a workstation looking at a computer

(Image credit: Zscaler)

Three essential requirements for flawless data protection

Want a better CASB and stronger DLP? You have to start with the right foundation


The university’s website lists Zellis as its people and payroll provider but denies links to the ongoing attacks after Zellis was breached via exploits of the zero-day vulnerability in MOVEit Transfer.

A vulnerability in MOVEit’s file transfer software exposed thousands of organizations globally, including Zellis, and has been leveraged by Russian-linked cyber criminal group Cl0p to compromise systems at a host of companies. 

So far, major organizations such as British Airways, Boots, and BBC News are all confirmed to have been affected by Zellis’ breach.

The university previously told Manchester Evening News that it had not been affected by the attack before today’s announcement of a “cyber incident”.

Ross Kelly
News and Analysis Editor

Ross Kelly is ITPro's News & Analysis Editor, responsible for leading the brand's news output and in-depth reporting on the latest stories from across the business technology landscape. Ross was previously a Staff Writer, during which time he developed a keen interest in cyber security, business leadership, and emerging technologies.

He graduated from Edinburgh Napier University in 2016 with a BA (Hons) in Journalism, and joined ITPro in 2022 after four years working in technology conference research.

For news pitches, you can contact Ross at, or on Twitter and LinkedIn.