Overview
- University staff detected unauthorized activity on the Campus Solutions student‑records system on Tuesday and immediately took the platform offline to contain the incident.
- The cybercriminal group ShinyHunters claimed responsibility and posted an alleged 40GB archive of stolen files on its leak site.
- Independent analysis by breach monitors found roughly 454,600 unique student and alumni records in the data, including names, emails, addresses, dates of birth and passport numbers.
- The leaked material reportedly includes financial and billing records plus student finance and payment details, and the university has opened a forensic investigation with the third‑party vendor while notifying Action Fraud, the ICO and the NCA.
- The breach has disrupted exam marking and prompted a student support line and direct notifications; security experts warn it highlights wider risks in Oracle/PeopleSoft Campus Solutions instances when configurations are left exposed.