Oxford University suffers second cyberattack in two months

Khusbakht Bilal


Oxford University is investigating another significant cybersecurity incident after hackers targeted its Career Connect platform on May 28, marking the institution’s second data breach within a span of just two months. The attack has raised concerns about the security of personal information belonging to thousands of users, including alumni, research staff, and recruiters.

Career Connect is an online career services platform that helps connect students, graduates, researchers, and employers with professional opportunities. The system is powered by Target Connect, a service developed by London-based technology company Group GTI. According to Oxford University, cybercriminals exploited a security vulnerability within the platform, allowing them to gain unauthorized access to sensitive user information.

The breach exposed users’ full names and email addresses across multiple account categories. In addition, individuals who did not use single sign-on (SSO) authentication had their encrypted passwords compromised. Although encrypted passwords are generally more difficult to misuse, cybersecurity experts warn that stolen credentials can still be valuable to attackers, particularly if weak passwords are involved.

Following the incident, Oxford University took immediate action by resetting passwords for affected alumni, research staff, and employer accounts. The university also confirmed that the vulnerability responsible for the attack has since been patched. Officials emphasized that certain categories of information remained secure and were not accessed during the breach. These include course-related information, uploaded documents, appointment records, and financial data.

Despite the seriousness of the incident, limited information has been released by Group GTI regarding the attack. The company reportedly informed Oxford University that the breach appeared to be focused on collecting login credentials, which could potentially be used in future phishing campaigns. Beyond this statement, no additional details have been publicly disclosed about the nature of the attack or the methods used by the hackers.

The incident has prompted wider concerns because Target Connect is not exclusive to Oxford University. The platform is used by numerous educational institutions across the United Kingdom and internationally to manage career services and employer engagement. As a result, cybersecurity experts are questioning whether Oxford was the sole victim of the attack or simply the first institution to publicly report it. The possibility that other universities may have been affected remains unclear.

The breach comes amid growing concerns about cyber threats facing educational institutions worldwide. Universities often store large volumes of personal, academic, and professional information, making them attractive targets for cybercriminals. Attackers frequently seek to obtain credentials, personal details, or access to institutional networks that can be exploited for financial gain or phishing schemes.

Adding to these concerns, reports indicate that a much broader cyber incident involving approximately 8,800 educational organizations resulted in the compromise of data belonging to an estimated 275 million students, teachers, and employees. This highlights the increasing scale and sophistication of cyberattacks targeting the education sector.

As investigations continue, Oxford University is encouraging users to remain vigilant, update their passwords, and be cautious of suspicious emails or phishing attempts. The incident serves as another reminder of the critical importance of strong cybersecurity measures in protecting personal and institutional data in an increasingly digital world.
