Text updated on Friday 12 June 2026.
The 海角黑料 has been the victim of a cyber incident and a significant amount of data in our student record system has been accessed by an external third party.
On Tuesday 9 June we identified unauthorised activity within our Campus Solutions student records platform. We immediately took the affected systems offline to contain the incident and launched a comprehensive investigation.
While we are still investigating the nature of the incident, it is likely that data has been accessed by a well-known cybercriminal group that also targeted a number of other organisations.
We are working with the third party that maintains the Campus Solutions platform and with teams from JISC (Joint Information Systems Committee) to lead a forensic investigation into this incident.
We are in the process of verifying the exact scope of the data accessed and will provide further updates as our investigation confirms these details.
What we are doing
- Containment: The affected system was immediately secured and isolated
- Forensics: We are working with expert cyber analysts to identify the root cause
- Regulatory compliance: We have formally reported this incident to the Information Commissioner’s Office, Action Fraud, and to the Office for Students.
- Support: We have set up a phone line if you have any further questions and we will provide any further updates as soon as we can.
Recommended actions for students, alumni and applicants
While we continue our work, we urge you to take the following precautions:
- Monitor your accounts: Be vigilant regarding any unexpected or suspicious communication – especially those requesting financial information or credentials
- Update credentials: As a proactive measurement, update passwords for any accounts that share credentials with any university systems you use
- Stay informed: We have established a dedicated support line at 0115 74 86500, which we will update in real-time as we learn more; please also keep checking your university email address for further updates
This is a serious incident, and we are very sorry if your information has been involved. If you have any questions or concerns, please do contact our support helpline on 0115 74 86500.
FAQs
The university has been a victim of a cyber attack which allowed them to gain remote access to parts of our student records system, and we are working on the assumption that personal data has been accessed. We identified the incident on 9 June 2026 and took Campus Solutions offline immediately. A full forensic investigation is underway.
Our forensic investigation has identified that an external threat actor exploited a vulnerability in Oracle WebLogic, which supports our Campus Solutions platform. This vulnerability allowed unauthorised remote code execution, giving the attacker access to parts of the system. Our investigation into the full attack timeline is ongoing. We have since contained the incident and the system is currently offline while we secure and rebuild our system.
Has this been reported to the relevant authorities?
Yes. We have notified the Information Commissioners’ Office (ICO) in accordance with our legal obligations. The National Cyber Security Centre (NCSC), the Office for Students (OfS), UCAS and Action Fraud has been notified.
What data has been accessed in this incident?
We have been the victim of a sophisticated cyber incident. We have confirmed that an unauthorised third party gained access to our Campus Solutions system. We are operating on the precautionary assumption that students and some alumni and applicant personal data has been accessed, and we have been contacting those who may be affected to suggest protective measures. We sincerely apologise for this situation.
What should I do to protect myself
While we work to secure our system, we recommend that you take these steps to keep your personal information safe:
- Change Your Passwords: If you use the same password for your university account that you use for other personal accounts (like email, banking, or social media), please change those passwords immediately. Use a unique, strong password for each of your important accounts.
- Be Alert for Phishing: Criminals may use your compromised contact details to send fraudulent emails, texts, or social media messages. These messages often appear to come from official sources—like the University, your bank, or government agencies—and may ask you to "verify" your details or click a link. Always be sceptical of unexpected requests for information.
- Don't Click, Don't Reply: Do not click on links, download attachments, or reply to suspicious messages. If you receive a communication that seems unusual, contact the organisation directly using a verified phone number or website (do not use the contact details provided in the suspicious message).
- Enable Multi-Factor Authentication: Wherever possible, turn on "Two-Step Verification" or "Multi-Factor Authentication" on your personal accounts. This adds an extra layer of security that prevents someone from accessing your account even if they have your password.
- Monitor Your Accounts: Keep a close eye on your bank statements and any online accounts for unauthorised activity.
Does this affect other systems such as OneDrive, email or other Systems?
No. This incident relates specifically to Campus Solutions (PeopleSoft), our student records system, which operates within an isolated IT environment maintained by an independent third-party provider. Microsoft 365 services including OneDrive, email, Teams and Moodle were not affected.