Criminal hacker group threatens to publish Nottingham students’ data online if uni doesn’t pay

The criminal hacker group has threatened to publish the data of students online, if the University of Nottingham does not pay.

ShinyHunters, a criminal group that has been active since 2019, has been identified as being behind a recent cyberattack, which was discovered on 9th June.

ShinyHunters reportedly claimed responsibility, with a “pay or leak” extortion campaign that could potentially see Nottingham students’ and graduates’ personal and financial information published online, if the university fails to pay.

Breach monitoring services report that approximately 10 gigabytes of data have been published online, and 455,000 individual email addresses are understood to have been affected by the hack, although this includes duplicate email addresses, meaning the actual number affected could be lower.

The compromised data is understood to include information such as academic records, dates of birth, email addresses, genders, names, phone numbers, purchases, usernames, citizenship statuses, disabilities, ethnicities, IP addresses, passport numbers, physical addresses, information relating to academic enrolments and fee payments.

A spokesperson for the University of Nottingham said: “A significant amount of data in our student record system has been accessed by a well-known cybercriminal group.

Most Read

Ariana Grande’s family share ‘concern’ for her health after saying she’s ‘not in a healthy place’

Bonnie Blue shares sick logistics and graphic videos from ‘g*lden shower’ with over 100 men

A look at André and Alex’s life in Spain now, 34 years after Rachel Nickell’s murder

“We are working with the third party that maintains the platform to lead a forensic investigation. We understand that those affected will have concerns about what this means for their personal data, and we will be offering advice and support to our students as we learn more.”

Last month, ShinyHunters was linked to an attack on Canvas, a learning platform used by thousands of universities worldwide. The group reportedly demanded a $10 million ransom from Canvas owner Instructure, which later confirmed  a payment had been made, although the final sum paid to the group remains undisclosed.

The hack comes during a period of financial difficulty for the University of Nottingham. The university is currently operating in an £85 million financial deficit, with redundancy letters sent to 2,700 staff last month and over 600 jobs proposed to be cut.

Action Fraud, the UK’s national reporting centre for fraud and cybercrime, the Information Commissioner’s Office and other regulatory bodies have been notified, according to the University of Nottingham.

If you are a University of Nottingham student or alumni who believes they have been impacted by the attack, please call the university’s support line on 0115 7486500

For more of the latest news, guides, gossip and memes, follow The Nottingham Tab on Instagram, TikTok and Facebook.

Featured image via Unsplash