Sussex University reveals it was victim of large-scale cyber attack
It is likely that only alumni students were affected
The University of Sussex has revealed that it was affected by a cyber security breach earlier this year.
The ransomware attack was targeted at tech company Blackbaud, which provides The University of Sussex, amongst many other universities, with educational and administrative software. The attack occurred in May, however Blackbaud customers were not informed until earlier this month on July 16. Other institutions have also been affected, including universities and charities.
Although the attack was stopped, some biographical data at Sussex was compromised, such as names, contact and employment details. However it is likely that this breach was limited to the data of former students. The university informed alumni students of this via email on July 23, expressing that no financial data was put at risk, and that there was no need to take further action.
According to the BBC, Blackbaud allegedly paid the ransom, and were given “conformation that the copy [of data] they removed had been destroyed”.
The University of Sussex told The Badger that they are working alongside Blackbaud to ensure that staff and students’ data is secure. They are also looking into why it took so long to be informed of the attack.