Revealed: The eight Russell Group unis hit by cyber attacks since 2020 – Nottingham the most recent

Passport numbers and financial information were among details exposed in Nottingham’s 2026 attack – whilst Warwick kept data breach secret from its own students

The University of Nottingham is the latest Russell Group university to be hit by a cyber attack, with around 455,000 records exposed including national insurance numbers, postal addresses and financial details.

However, Nottingham isn’t the only Russell Group to have been targeted by cyber attackers: Seven other Russell Group universities have also received direct attacks since 2020, while others have fallen victim to software hacking.

Here are all the direct cyber attacks on Russell Group universities since 2020 

University of Nottingham, 2026

Nottingham is the latest university to be targeted by criminal hackers, with students’ personal and financial information compromised, potentially including national insurance numbers and postal addresses among other sensitive data. The total number of students affected is said to be large, with the breach obtaining 455,000 email addresses. All students affected have been contacted, and the university is working to establish further details.

University of Oxford, 2026

Students’ contact information was obtained by hackers, who retrieved personal student details. Names and email addresses of students were accessed via the frequently used CareerConnect site. Hackers were even able to obtain the encrypted passwords of some students, sparking university-wide cyber security concerns. The platform was secured soon afterward.

University of Cambridge, 2024

In February 2024, Cambridge’s IT services were disrupted by a DDoS attack claimed by Anonymous Sudan, a hacktivist group citing the UK government’s foreign policy as motivation. Student services including CamSIS and Moodle were temporarily affected. No data was stolen.

University of Manchester, 2024

Manchester was targeted in the same February 2024 DDoS attack as Cambridge, with off-campus IT services disrupted for several days. The university confirmed connectivity issues had stabilised within 48 hours. No data was stolen.

Imperial College London, 2023

Students were the victim of cybercriminals who hacked into Imperial’s services. Criminals were able to access sensitive information such as names and how much money students owed to the university, though bank details were not accessed. The situation was quickly resolved and the network was secured.

Newcastle University, 2020

In September 2020, criminal hackers blackmailed Newcastle University at ransom. They threatened to release the personal data of students and staff if they did not receive payment. The university didn’t pay the ransom, and as a result students’ stolen data was published on the dark web.

University of Edinburgh, 2020

The university’s ARCHER supercomputer was taken offline after crypto-mining malware was detected across multiple European research supercomputers simultaneously. Some user accounts were compromised and the system remained offline whilst security was restored.

University of Warwick, pre 2020

In 2019 a data breach affected students’ personal information. It was revealed by Sky News that in 2020, staff and students had been kept unaware for over six months, and that Warwick’s security systems made it impossible to establish exactly what information had been compromised.

The Blackbaud cyber attacks, 2020

Though other Russell Group universities have managed to escape recent cyber attacks, not all of them have come out unscathed: several have had their administration software targeted. The most prominent instance of this was in 2020, involving an attack on the system Blackbaud.

Blackbaud is a fundraising and alumni management software used by universities to manage donor relationships and alumni data.

Here are all the universities affected by the attack on Blackbaud

  • University of Birmingham
  • University of Exeter
  • University of Glasgow
  • University of Leeds
  • University of Liverpool
  • University of Reading
  • University of Strathclyde
  • University of York
A University of Nottingham spokesperson said: “The University of Nottingham has been the victim of a cyber incident and a significant amount of data in our student record system has been accessed by a well-known cybercriminal group.
“This is now the subject of a criminal investigation. We are working with the third party that maintains the platform to investigate and we will continue to support the police with their enquiries. While the investigation continues, we are unable to provide further information on the nature and extent of the cyber attack.
“We understand that those affected will have concerns about what this means for their personal data and we are contacting them directly to offer advice and support as we learn more about the incident. We have set up a telephone helpline to provide practical support and advice for anyone that has concerns over how this incident may have affected the security of their personal data.
“We take the privacy and security of data that we hold seriously. We have notified the Information Commissioners’ Office in accordance with our legal obligations. The National Cyber Security Centre, the Office for Students and Action Fraud have also been notified.”

A University of Oxford spokesperson said the university’s own passwords were not compromised through the incident: “Oxford students access CareerConnect using University Single Sign-on (SSO) accounts. No University of Oxford passwords were compromised through this incident.”

If you are a University of Nottingham student or alumni who believes they have been impacted by the attack, please call the university’s support line on 0115 7486500.

Featured image via Unsplash

More on: News University University rankings