Newcastle University is being held to ransom after a cyberattack at the start of the month.
The group behind the attack, known as DoppelPaymer, have posted stolen files from the university online, and are threatening to release more unless they receive a ransom payment, according to a post on Twitter and their dark web site.
They have previously leaked documents online linked to Elon Musk’s companies SpaceX and Tesla.
It is unknown at this time whether Newcastle University intends to pay the ransom to prevent staff and students’ personal data from being leaked online.
A university spokesperson said: “The university is continuing to investigate the full impact of a cyber incident.
“We take the security of our systems extremely seriously and we were able to respond quickly to this situation. Our teams are working with a number of agencies including the police to address the current issues and are continuing to take measures to secure IT services.
“The nature of the problem means this is an on-going situation which we anticipate will take a number of weeks to address. A number of our IT services are not operating and will remain that way for the duration.
We take the security of our systems extremely seriously and we were able to respond quickly to this situation
– University spokesman for Newcastle University
“The office of the Information Commissioner has been informed.”
The university updated its advice to staff and students and said that limited services are still available.
A spokesperson for the UK’s National Cyber Security Centre (NCSC) said: “We are aware of an incident affecting Newcastle University and are providing support.
“The NCSC works closely with the academic sector to improve its security practices and help protect them from threats.”
A spokesperson for the Department for Education said: “We understand that cyber attacks on universities are disruptive for students and staff.
“That is why we regularly work closely with the NCSC with other government departments, agencies, and industry cyber specialists to continuously improve our understanding of cyberattacks in the education sector.
“It is imperative that student and staff data is secure. Every university must ensure their online security is as robust as possible to protect private data from cyber threats.
“We would also urge any institution to follow the world-leading cybersecurity advice provided by the NCSC on its website.”
Newcastle revealed it was previously affected by a cyberattack in May when it was among the institutions compromised by a hack on Blackbaud.