UK Cybercrime Journal: University of Nottingham Breached by ShinyHunters
What Happened On 9 June 2026, the University of Nottingham was listed as a victim on the ShinyHunters Tor data leak site. The attackers leaked over 40GB of billing and payment records, student finance data, and campus portal exports from the University of Nottingham and its Malaysia and China campuses. The data stolen includes contact information, transaction amounts, IP addresses, full names, home addresses, postcodes, email addresses, phone numbers, dates of birth, and other internal campus data. Further analysis of the leaked data by Have I Been Pwned revealed it also contained over 455,000 unique email addresses along with extensive personal information including ethnicities, disabilities, and passport numbers. On 10 June 2026, security researcher @nahamike01 uncovered an exposed server belonging to ShinyHunters and found them targeting Oracle PeopleSoft servers using MeshCentral agents. Plus, analysis the bash_history logs on the server uncovered SSH connections to the IP addre...