A phishing attack which took place on the database of Lancaster University is said to have offered hackers access to student data and this includes info related to applicants applying for the academic year 2019-20 like names, addresses, telephone numbers, and email addresses.
Highly placed sources say that the attack was of sophisticated genre and was launched to access info to either manipulate the admission process or with another malevolent process as details of some students were also breached in the attack.
A spokesperson from the university said that the cyber incident was contained on Friday and their focus is on investigating the details such as how the breach took place, for what purpose, who was involved, why was the info access or stolen and such.
Law enforcement agencies have been notified of the incident and a 3rd party investigation will also be prompted if needed.
Phishing Attack- Simply speaking, it is a kind of social engineering attack where threat actors steal user data like logins and credit card numbers by fraudulent means. This is done by targeting victims with emails and SMS induced with malicious links, which further lead to the installation of malware, can encrypt a database as a part of a ransomware attack or reveal critical details for espionage.
In the cyberattack launched on Lancaster University, the hackers infiltrated the network by sending fraudulent invoices to undergraduate applicants. Further details on the incident will be revealed after a detailed probe.
Note- Based in Lancaster, England, the University is reported to be established in 1968 spreading on a 300 acres campus as an autonomous(self-governing) body.
