Skip to content
Tech News
← Back to articles

Nottingham University data breach affects over 450,000 students

2026-06-11 | original
read original get Data Breach Prevention Software → more articles

The University of Nottingham confirmed on Wednesday that a hacking group gained access to its student records system in a breach affecting both current students and alums.

Nottingham University is a public research university with 7,000 staff and over 46,000 students, ranking in the Top 20 in the United Kingdom and the Top 100 worldwide.

The university told BleepingComputer in an emailed statement that the incident exposed a "significant amount of data," and that the breach has been reported to the UK's Information Commissioner's Office.

"The University of Nottingham has been the victim of a cyber incident and a significant amount of data in our student record system has been accessed by a well-known cybercriminal group", the university said. "We are working with the third party that maintains the platform to lead a forensic investigation."

"We take the privacy and security of data that we hold seriously, and we have reported this incident to Action Fraud and the Information Commissioner's Office," it added.

While the university has yet to attribute the attack, the ShinyHunters extortion gang claimed responsibility on Tuesday and shared an archive of allegedly stolen documents as proof.

In a post on their dark web leak site, the cybercrime group claims to have stolen over 40GB of documents containing student finance data, billing and payment information, credit card and payment details, and campus portal exports from the University of Nottingham and its Malaysia and China campuses

Nottingham University on ShinyHunters leak site (BleepingComputer)

ShinyHunters also added that the stolen documents contain the affected students' full names, home addresses, IP addresses, phone numbers, and dates of birth.

​After analyzing the leaked data, breach notification service Have I Been Pwned said on Wednesday that the resulting data breach affects 454,600 former and current students, including their "email addresses along with extensive personal information including names, addresses, phone numbers, ethnicities, disabilities, passport numbers and information relating to academic enrolments and fee payments."

... continue reading

Explore topics: bleepingcomputer breach data breach nottingham shinyhunters
Related:
ShinyHunters Hacked 100+ Organizations By Exploiting an Oracle PeopleSoft 0-Day
ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
Maine disables data breach notification portal after fake disclosures
Pharma giant Novo Nordisk discloses breach of clinical trials data

© 2026 GoKawiil

About | Editorial Policy | Contact