The University of Nottingham confirmed a security breach compromised student records affecting over 450,000 current and former students. A hacking group accessed the institution's student records system.
The University of Nottingham disclosed the breach on Wednesday, revealing that attackers gained unauthorized access to its student database. The incident impacts both current enrollees and alumni.
The university has not yet disclosed specific details about which data categories were compromised or the timeframe during which the breach occurred. Typically, student record systems contain names, contact information, enrollment details, and potentially financial records.
The breach was confirmed after a hacking group claimed responsibility. The university's statement indicated the unauthorized access was discovered and reported through its incident response protocols.
Institutions of higher education have become frequent targets for cyberattacks. Student databases are particularly valuable to threat actors due to the volume of personal information they contain and the potential for identity theft or targeted fraud.
The University of Nottingham has not yet announced whether affected individuals will be offered credit monitoring services or identity theft protection. Typically, universities provide such resources following breaches of this magnitude.
This incident adds to a growing list of major data breaches affecting educational institutions. Universities face significant challenges maintaining cybersecurity infrastructure across sprawling networks and legacy systems while managing millions of student records.
Affected students may face increased risk of phishing attempts, credential theft, or unauthorized financial activity. Security experts recommend affected individuals monitor accounts closely and consider freezing credit reports if personal financial data was exposed.
The university is expected to provide additional details regarding the breach scope, response measures, and support resources available to affected parties in coming days.
Google filed a lawsuit against a suspected Chinese cybercrime operation for using its Gemini AI to generate over 2 million fraudulent text messages. The scam targeted cellphone users with links designed to steal personal information and money.
The French government disclosed a security breach affecting over 73,000 public sector employee accounts on Tchap, its encrypted messaging platform. The incident marks a significant compromise of government communications infrastructure.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding directive requiring all federal agencies to patch an actively exploited vulnerability in Ivanti Sentry within three days.
Congress rejected a three-week extension of Section 702 of the Foreign Intelligence Surveillance Act, allowing the warrantless wiretapping authority to lapse. The House voted 218-198 against reauthorization through July 2nd.