Manchester students told hackers will release ‘life destroying’ data unless uni pays ransom

Hackers have emailed University of Manchester students claiming to have stolen their “private and sensitive” data and saying they will release this data unless the university meets their demands.

The sinister email, sent to students shortly after 11am this morning, told them to “think about your future and your career” as “this data can destroy your life”.

The hackers – whose identities remain unknown – claimed students were “gun ‘meat’ for an administration that does not care about you”.

The email, which The Manchester Tab understands to have been sent to almost half of all students – offered students two options. The first was to contact administration and “demand that they keep your date safe by resolving this issue”. The second, more alarmingly said: “If [university] management does not contact us in 24 hours, we will allow any student to pay a small fee to us for the non-disclosure of their data alone.”

A spokesperson for the University of Manchester told The Manchester Tab this afternoon “in-house experts are working around-the-clock to resolve this incident”, adding “all staff and students should be wary of opening suspicious emails or phishing attempts and report them to our IT department”.

A screenshot of the email received by thousands of University of Manchester students this morning

The alleged leaked data is said to include include “police reports, academic investigations, health data, and disability information” as well as personal information such as your full name, date of birth, UCAS number, email address and home address.

In the email, the hackers chillingly ask students :”Ever cheat on exams? Accuse [sic] of misconduct? Have health incident?”, before  threatening to release this to “everyone”.

Today’s attack, which was sent to thousands of students, comes after hackers say they stole seven TB of data on 6th June. This supposedly includes “drug test results, databases, HR documents, finance documents, and more, and more”.

Patrick Hackett, the chief operating officer for the university wrote to students three days later confirming the university’s system had been hacked. He wrote: “Regrettably, I have to share with you the news that the University is the victim of a cyber incident” and that “some of our systems have been accessed by an unauthorised party and data have likely been copied”.

Patrick Hackett’s email to all students on 9th June

Olly, an international relations masters student told The Manchester Tab: “I’m sure there will be students and staff that are incredibly upset and concerned by the threats from the hackers and the lack of communication especially from the administration.

“Those with sensitive information that has been threatened to be leaked to parents and sold off to shady companies. I think it’s a joke. We should all receive massive compensation from the uni for everything that has happened this year and for the absolute invasion of privacy and damages that this hack and the university’s poor security measure have caused.”

He added: “I think the university administration have been terrible this year in dealing with strikes and student/employee demands and then this just adds another level to everything that we all have to deal with”.

In the email, the hackers take aim at the university. It reads: “You and your families pay a huge amount of money to attend this prestigious university, ranked 28 in the world! But management refuses to protect you.”

“They have the chance to solve this but they would rater keep your money for themselves. In doing so, they have essentially sold your data”.

A second-year student studying history and Spanish commented: “It’s an uncomfortable feeling knowing that someone has your details while already feeling that the uni is incompetent after the way in which they dealt with the teaching and rent strikes across the past year”.

A 21-year-old first year student added: “People who grew up in care or got out of dangerous situations could be at risk if info is actually leaked and the university should definitely be more communicative about this situation as we all feel like we’re in the dark right now.”

The email ended with the threat that if the university does not comply then the data will be “sold on the black market to be used for future criminal purposes. Data which can’t be sold (documents, police reports etc), will be disclose to the public”.

“P.S. Management already knows what data we have. They have asked for proof several times, and we have always given them proof.”

A spokesperson for the University of Manchester told The Tab Manchester: “Following our reporting of a cyber-incident earlier this month, we are aware that some staff and students have been sent emails purporting to be from the people behind it. All staff and students should be wary of opening suspicious emails or phishing attempts, and report them to our IT department.

“Our in-house experts and external support are working around-the-clock to resolve this incident, and to understand what data has been accessed. Our priority is to resolve this issue and provide information to those affected as soon as we are able to, and we are focussing all available resources.

“If anyone is directly affected by this incident they will be contacted through University channels.”

Related stories recommended by this writer:

• Man who killed 19-year-old Manchester Met student Luke O’Connor sentenced to 15 years

• University of Manchester spent £38,000 on private bailiffs to ‘violently’ evict rent strikers

• 12 pints, 12 pubs: This is officially the best Guinness in Manchester