The University of Manchester has revealed it has fallen victim to a “cyber incident” but has denied links to the recent breach at payroll provider Zellis.
In a statement today, the university said it had suffered a security breach and confirmed that some systems had been accessed by an unauthorized third party.
University data had “likely been copied” during the breach, it said, and at this stage, exact details on what data has been compromised is yet to be revealed.
Staff have also been advised to refrain from downloading files from university systems in an attempt to back them up.
“Our in-house experts and established expert external support are working around the clock to resolve this incident,” said Patrick Hackett, COO at the University of Manchester.
“We are working to understand what data has been accessed and will update you as more information becomes available.”
The university is working with the Information Commissioner’s Office (ICO), the National Cyber Security Centre (NCSC), and National Crime Agency (NCA) as part of its investigation into the breach.
Incident not linked to MOVEit, Zellis breaches
Asked about potential links to the developing attacks involving UK payroll provider Zellis, of which the University of Manchester is a customer, it confirmed to ITPro that “there is no known link to other incidents involving MOVEit”.
RELATED RESOURCE
Three essential requirements for flawless data protection
Want a better CASB and stronger DLP? You have to start with the right foundation
The university’s website lists Zellis as its people and payroll provider but denies links to the ongoing attacks after Zellis was breached via exploits of the zero-day vulnerability in MOVEit Transfer.
A vulnerability in MOVEit’s file transfer software exposed thousands of organizations globally, including Zellis, and has been leveraged by Russian-linked cyber criminal group Cl0p to compromise systems at a host of companies.
So far, major organizations such as British Airways, Boots, and BBC News are all confirmed to have been affected by Zellis’ breach.
The university previously told Manchester Evening News that it had not been affected by the attack before today’s announcement of a “cyber incident”.
-
Amazon is cutting 14,000 roles in a bid to ‘operate like the world's largest startup’News The layoffs at Amazon mark the latest in a string of cuts in recent years
-
Why hardware matters when it comes to moving from AI fiction to AI factSupported GPUs, networking, and smart devices are as much the story of AI success as software
-
‘Channel their curiosity into something meaningful’: Cyber expert warns an uptick of youth hackers should be a ‘wake-up call’ after teens charged over TfL attackNews Encouraging youths to engage in positive tech initiatives will guide them down the right path and away from nefarious activities
-
Kids hacking for kicks are causing security headaches at schoolsNews More than half of cyber incidents at schools are caused by students, with some tech-savvy pupils attempting to bypass security and network controls.
-
Enabling secure hybrid learningWhitepaper Cyber security in Higher Education
-
Enabling secure hybrid learning in schoolsWhitepaper The importance of creating security awareness among key players
-
What’s next for the education sector?Whitepaper A new learning experience
-
20 Universities targeted by “Shadow Academy” hackersNews Hackers identified after the discovery of a fake Louisiana State University student portal
-
Hackers are targeting the education sectorNews The health care industry isn’t the only one falling prey to hackers during the coronavirus pandemic
-
De Montfort University launches a week of cyber security eventsNews DMU students will be able to gain practical experience from industry experts
