Bleeping Computer reports that the University of Oxford has reported a data breach affecting its CareerConnect platform, a service provided by a third-party vendor, Group GTI. This incident raises concerns about the security of student and staff data.The breach occurred on May 28, with attackers gaining access to users' first names, last names, email addresses, and encrypted passwords for those not using Single Sign-On. The university stated that passwords for users who set them locally on CareerConnect have been invalidated and will require resetting. Group GTI indicated the breach likely aimed to gather credentials for phishing attempts. There is no evidence that sensitive information such as course details, uploaded files, appointment records, or financial data was compromised.This incident is the second data breach disclosed by Oxford this year, following a May incident involving Instructure's Canvas learning management system, which was targeted by the ShinyHunters extortion gang. While that breach affected usernames, email addresses, messages, and course information, Oxford confirmed its own systems were not compromised in either event. The university has warned users of the CareerConnect platform to be vigilant against potential phishing or scam emails.Source: Bleeping Computer
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
Attack VectorYou can skip this ad in 5 seconds