The University of Northampton has been hit by a cyber attack that resulted in the disruption of its IT and telephone systems and servers.
The university told IT Pro the attack was detected on March 17, that it has notified the ICO and, as a precaution, is liaising with the police to investigate the attack further. It has rolled out a number of “temporary solutions” to support students and staff.
“We are working with expert consultants to investigate and resolve this issue as quickly as possible, including legal counsel and IT forensics investigators, who are assessing the impact and advising on the appropriate remedial actions," a spokesperson for the university told IT Pro. "The full facts of the situation have not yet been established and we will provide further information as soon as we can."
The university highlighted that cyber attacks on its institutions are becoming increasingly common “as criminals target educational establishments with no regard to the disruption to teaching and learning such attacks cause.”
“At the University of Northampton, we take the safety and security of our information as well as the continuity of our systems and services extremely seriously - and will continue to take every action to protect the organisation against cyber attacks,” the spokesperson added.
Northamptonshire Police also confirmed to IT Pro it was working with the National Cyber Security Centre (NCSC) and the university to investigate the cyber attack. "Enquiries are ongoing," said a spokesperson.
RELATED RESOURCE
The present and the future of higher education IT
Exploring IT’s vital role during the pandemic and how they can help shape the university of tomorrow
The NCSC said that since late February 2021, there has been an increased number of ransomware attacks on education establishments in the UK, including schools, colleges and universities. The organisation had previously acknowledged an increase in ransomware attacks on the UK education sector during August and September 2020.
At the start of September last year, Northumbria University suffered a cyber attack that forced the clearing hotline and student portal offline. A number of exams scheduled for the week it happened were also postponed.
Similarly the week after, Newcastle University was held ransom after cyber criminals hacked into its systems at the start of September. The criminals allegedly posted some of the data on the dark web and threatened to post more if a ransom wasn’t paid.
-
The Race Is On for Higher Ed to Adapt: Equity in Hyflex Learning -
Google faces 'first of its kind' class action for search ads overcharging in UKNews Google faces a "first of its kind" £5 billion lawsuit in the UK over accusations it has a monopoly in digital advertising that allows it to overcharge customers.
-
Cleo attack victim list grows as Hertz confirms customer data stolen – and security experts say it won't be the lastNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
‘Phishing kits are a force multiplier': Cheap cyber crime kits can be bought on the dark web for less than $25 – and experts warn it’s lowering the barrier of entry for amateur hackersNews Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Healthcare systems are rife with exploits — and ransomware gangs have noticedNews Nearly nine-in-ten healthcare organizations have medical devices that are vulnerable to exploits, and ransomware groups are taking notice.
-
Alleged LockBit developer extradited to the USNews A Russian-Israeli man has been extradited to the US amid accusations of being a key LockBit ransomware developer.
-
February was the worst month on record for ransomware attacks – and one threat group had a field dayNews February 2025 was the worst month on record for the number of ransomware attacks, according to new research from Bitdefender.
-
CISA issues warning over Medusa ransomware after 300 victims from critical sectors impactedNews The Medusa ransomware as a Service operation compromised twice as many organizations at the start of 2025 compared to 2024
-
Warning issued over prolific 'Ghost' ransomware groupNews The Ghost ransomware group is known to act fast and exploit vulnerabilities in public-facing appliances
-
The Zservers takedown is another big win for law enforcementNews LockBit has been dealt another blow by law enforcement after Dutch police took 127 of its servers offline
