Around 12,500 details of applicants for undergraduate courses have been accessed in what the university has called in a statement “a sophisticated and malicious phishing attack”.
The university says the matter has “been reported to law enforcement agencies”, and has revealed that Friday’s breach was immediately reported to the ICO, and already has “an incident team to handle the situation”.
The Register notes that UCAS statistics show 12,545 applicants to the university in 2018 alone, with 3,585 students accepted, 375 from EU countries and 575 from non-EU countries.
Tony English, CEO of UK cyber security specialist Axial Systems, said:
“It’s fortunate that GDPR regulations have now made it mandatory to report breaches to the ICO within 72 hours – I would say this is why we’re now seeing so many more organisations publicly admitting their security weaknesses.
“What needs to happen next is that organisations start learning from their mistakes and improving their security real estate to stop these things happening in the first place. As a university that teaches a GCHQ-accredited degree in cyber security, the irony here is obvious.”
Axial Systems can provide a full security assessment of your organisation using the latest innovative technologies – with features not available anywhere else in the UK – helping put in place the necessary protection to help ensure your customer data remains in safe hands.
As one of the UK’s leading network solution providers and system integrators, Axial Systems works with best-of-breed vendor partners from across the world to maximise the secure, efficient running of our clients’ networks.