A cybercriminal gang known as ShinyHunters has broken into the University of Nottingham’s student records system and stolen more than 40GB of data. The university confirmed the incident and said it is treating the breach seriously, working with forensic investigators, and reporting the attack to the UK’s data protection authority (the ICO) and Action Fraud.
The stolen files are believed to include full names, home addresses, phone numbers, dates of birth, passport numbers, national insurance numbers, disability information, and financial details such as student billing records and credit card data. Roughly 454,600 current and former students at the university’s campuses in the UK, Malaysia, and China are potentially affected. The breach is part of a wider ShinyHunters campaign targeting Oracle’s PeopleSoft software, which is used by universities, hospitals, and large employers worldwide.
How to check if you’re affected
Affected products include the Oracle PeopleSoft student records system at the University of Nottingham. If you studied or worked at any of the university’s campuses — in Nottingham (UK), Malaysia, or China — your personal information may be in the stolen data.
- Visit HaveIBeenPwned.com and enter your university email address to see if your account appears in known breach data.
- Watch for emails claiming to be from the university asking you to click a link or confirm your details — these could be phishing attempts exploiting the breach.
- Consider placing a fraud alert with a credit reference agency (Experian, Equifax, TransUnion) if you are worried about someone misusing your passport number or financial data.
- The university will contact affected individuals directly. If you receive official communications, verify they come from a
@nottingham.ac.ukemail address.