Hackers warn University of Manchester students of imminent data leak

The ransomware operation behind a cyberattack on the University of Manchester has begun to email students, warning that their data will soon be leaked after an extortion demand was not paid.

The threat actors claim to have stolen 7 TB of data from the University of Manchester during a June 6th cyberattack in an email sent to students and shared with BleepingComputer.

"We would like to inform all students, lecturers, administration, and staff that we have successfully hacked manchester.ac.uk network on June 6 2023," reads the email.

"We have stolen 7TB of data, including confidential personal information from students and staff, research data, medical data, police reports, drug test results, databases, HR documents, finance documents, and more. and more."

Other students have since reported the emails to the University's Twitter account and were told to forward a sample to the University's IT department.

If you have any information on this attack or others, send us a tip online or via Signal at (646) 961-3731.

The University of Manchester first disclosed the attack on June 9th, warning that data was likely stolen. No further details were provided about the attack, but BleepingComputer later learned it was ransomware.

However, the University of Manchester previously said the incident is not related to the recent MOVEit Transfer data theft attacks, or associated data breach at Zellis.

During ransomware attacks, it is common for threat actors to steal data before attempting to encrypt devices. This data is then used as part of a double-extortion scheme, where the threat actors threaten to leak the data if a ransom is not paid.

No ransomware gang has claimed the attack on University of Manchester, but if they keep to their threats, we will learn more if data is published on a data leak site.

BleepingComputer has contacted the University of Manchester about these emails but did not receive a response.