The University of Oxford has disclosed a new data breach after being informed by its third-party provider, Group GTI, that its CareerConnect career services platform had been compromised.
CareerConnect is used by Oxford to manage career services for students, alumni, research staff, and employers. The same platform is also used by other UK educational institutions, including King’s College London and the University of Manchester, to operate their own career hubs.
Oxford University said the breach took place on May 28 and affected the CareerConnect platform operated by GTI. According to the university, attackers accessed users’ first names, last names, email addresses, and encrypted passwords. The password exposure applies only to users who do not sign in through Single Sign-On.
The university said alumni, research staff, and employer users who access CareerConnect with locally set passwords were affected. GTI has invalidated those passwords, and users will be asked to reset them the next time they sign in.
Oxford said there is no evidence that course information, uploaded files, appointment details, or financial information were involved in the incident. GTI also told the university that the breach appeared to be focused on gathering credentials, which could later be used in phishing attempts.
The university stressed that the incident affected only GTI’s third-party system and that there is currently no evidence that Oxford’s own systems were compromised. It also said GTI and the university have found no evidence that student passwords or financial data were accessed.
Oxford warned staff, students, alumni, and external CareerConnect users to be alert for phishing and scam emails following the breach.
A university spokesperson said Oxford remains in contact with GTI to understand the full impact of the incident. The spokesperson also said the information provided by GTI does not suggest that this was a ransomware attack. The university said it does not have information about who was behind the breach, whether any group has claimed responsibility, or any related attribution details.
This is the second data breach disclosed by Oxford University this year. In May, the university confirmed it was affected by a breach involving Instructure’s Canvas learning management system, which Oxford uses.
That earlier incident was linked to the ShinyHunters extortion gang, which claimed to have stolen 280 million records connected to students and staff from thousands of colleges, school districts, and online education platforms worldwide. Instructure later said it had reached an agreement with the cybercrime group and that the hackers returned the stolen data and provided shred logs confirming its destruction.
Oxford said its systems were not compromised in the Canvas incident. The university said the exposed data was limited to usernames, Canvas email addresses, messages exchanged between users on the platform, course names, and course enrolment information.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
