Troy Hunt Flags 455,000 Emails in University Of Nottingham Data Breach

Hackers accessed a significant amount of data in the university of nottingham data breach on 10 June. The University of Nottingham said the material belonged to current and former students. The accessed records included financial information from the university's record system.

Troy Hunt and 455,000 emails

Troy Hunt, the founder of Have I Been Pwned, said 455,000 unique email addresses were part of the breach. That number does not automatically equal 455,000 people, because a single record can hold more than one address. For students and alumni, that leaves open the possibility that university and personal contact details sat in the same exposed file set.

ShinyHunters and the access path

A hacking group called ShinyHunters has claimed responsibility for the cyber-attack according to the Have I Been Pwned website. Hunt said the attackers could have called the university on the phone and gained access through voice phishing, which uses a phone call to trick staff into handing over access. Jonathan Lee of Trend AI said the attack was likely a supply chain attack.

Third-party systems at Nottingham

Lee said hackers could access networks from university campuses through vulnerabilities or holes in systems. He added: “So it's quite possible that this vulnerability in a third-party system that managed all the student data was the way that the threat actor was able to get into the environment and then move around,” That points to a route through another system that handled student records, not only the university's own front door.

Lee also said about 40 gigabytes of data had gone missing according to a trusted source. For current and former students, the immediate practical concern is whether the data tied to them included email addresses, financial details, or both. The unresolved question is which records were actually taken and how the university will separate exposed addresses from exposed people.