Key Takeaways:
- Hackers accessed records of 454,600 University of Nottingham students and alumni.
- The ShinyHunters group claimed responsibility for the significant June data breach.
- Exposed data includes financial details, passport numbers, and sensitive personal information.
The University of Nottingham confirmed a massive data breach involving 454,600 current and former student records, with the ShinyHunters cybercriminal group claiming responsibility for the June 2026 security incident.
Forensic Investigation Launched
The university identified unauthorized access to its student record system on Tuesday, June 9, 2026. Officials immediately took the affected systems offline and initiated a forensic investigation alongside the third-party provider that manages the platform.
“The University of Nottingham has been the victim of a cyber incident, and a significant amount of data in our student record system has been accessed by a well-known cybercriminal group,” a university spokesperson said.
The institution confirmed it has reported the breach to Action Fraud and the Information Commissioner’s Office. According to the university, the incident affects both current students and alumni, with potential exposure of contact information, academic records, and financial details.
Scope of Stolen Information
The breach, which involves tens of gigabytes of data published online by the attackers, appears to be part of a wider campaign targeting Oracle PeopleSoft environments globally. Security analysts suggest that over 100 organizations have been impacted by similar exploits.
Data notification service Have I Been Pwned reported that the exposed files contain a wide range of sensitive personal identifiers. This includes names, email addresses, phone numbers, physical addresses, passport numbers, citizenship statuses, dates of birth, academic histories, ethnicity, disability information, IP addresses, and records related to fee payments.
“We understand that those affected will have concerns about what this means for their personal data, and we will be offering advice and support to our students as we learn more,” the spokesperson added.
Ongoing Security Measures
The University of Nottingham is urging affected individuals to remain vigilant against potential identity theft, fraud, and phishing attempts. Officials have established a dedicated support line and are advising the university community to monitor accounts for suspicious activity.
Students have been instructed to update passwords for any accounts that share credentials with university systems. The University of Nottingham Students’ Union is actively working to guide those impacted as the investigation into the extent of the data compromise continues.
Visit CyberPro Magazine For The Most Recent Information.
