Hacking attack against Lancaster University results in theft of students’ personal data

Lancaster University's (LU) current and prospective pupils have lost personal data in a hacking attack after the hackers acquired admission into databases which had the students' personal information, and now the victims are risked with becoming subject to more cyber assaults. The hack has enabled the con artists access data records of 2019 and 2020 undergraduate applicants, consisting of names, e-mail addresses, telephone numbers and postal addresses. In a confirmatory statement Lancaster University indicated its awareness of fake invoices that had been dispatched to the inboxes of certain undergraduate applicants, so it was cautioning all applicants for being watchful about any dubious approaches.

It was on July 19 when Lancaster got to know about the hack. Soon it established a team of experts which would deal with the incident through investigation followed with instantly informing ICO (Information Commissioner's Office) about the breach. This was as per requirement within the purview of General Data Protection Legislation. An ICO spokesperson confirmed the reporting of the incident to his office, while ICO was presently analyzing the cache of personal data provided.

According to a spokesman of LU, starting Friday the university had been focusing on protecting its IT servers followed with identifying the affected applicants and pupils as also advising them appropriately. Moreover, the agencies of law enforcement too were conducting an investigation, he said. www.theguardian.com posted this, July 23, 2019. The university advised staff, students and applicants for contacting the institution in case of getting any dubious communications.

CEO Tim Sadler at Tessian a cyber security company stated universities were again-and-again picked up in cyber attacks making them the prime targets. The National Cyber Security Center recently reported that phishing scams related to universities had considerably increased during 2018, with the Student Loans Company and three universities getting listed within the ten most important phishing takedowns of the year.

As records and databases pertaining to students get endangered, universities require considering the most optimum method for protecting inmates against these attacks.

Along with spam filters and mail administrators for assisting in locating phishing e-mails, the institutions should leverage detection systems that utilize largely resourced metadata.

» SPAMfighter News - 8/2/2019