Services
Services

Assess

Cyber Incident Response Plan

Cyber Security Risk Assessment

Cyber Threat Intelligence Report

Ransomware Readiness Assessment

Penetration Testing

Red Teaming

Open Source Intelligence (OSINT)

Top Ransomware Groups

Continuous Adversarial Simulation

Protect

Managed Firewall

Managed Network Security

Patch Management

Remote Worker Security

Security Hardening

Vulnerability Management

Wi-Fi Security

Detect

Managed Endpoint Detection & Response (MDR)

Cloud Extended Detection & Response (XDR)

Security Information & Event Management (SIEM)

Endpoint Detection & Response (EDR)

Network Indicator of Compromise Monitoring (IOC)

Cyber Threat Intelligence

Purple Teaming

Blue Teaming

Respond

Business Email Compromise Response

Digital Forensics & Incident Response (DFIR)

PII Data Investigation

Recover

Disaster Recovery

Data Recovery

Microsoft 365 Backup

Ransomware Data Recovery

Secure Backup

Train

Cyber Security Awareness Training

Phishing Simulation Training
Company
Company

About us

About us

Blog

Case studies

News

Contact us

24/7 Emergency: 0333 091 7040

Request a callback
Contact

Cyber attacks, Cyber security, Education, ICO, Ransomware, University

University of Nottingham confirms data breach following ShinyHunters claims

15th June 2026

The University of Nottingham has confirmed it is investigating a significant cyber incident after threat actors linked to the ShinyHunters cybercriminal group claimed responsibility for the theft of student and alumni data.

According to reports, the breach could affect more than 450,000 individuals across the university’s UK, Malaysia and China campuses. The data reportedly includes personal information, financial details and student records, although investigations remain ongoing.

The university has stated that it is working with external cyber security specialists and has informed the Information Commissioner’s Office (ICO) and other relevant authorities.

The incident was reported after data allegedly stolen from university systems appeared on criminal forums associated with the ShinyHunters group, which has been linked to a number of high-profile breaches worldwide.

Education sector remains a key target

Higher education institutions continue to be attractive targets for cybercriminals due to the significant volumes of personal data, financial information and research records they hold.

Universities often operate complex digital environments that support thousands of students, staff, researchers and third-party partners. This can create a broad attack surface for threat actors seeking to gain unauthorised access to systems and sensitive data.

The Nottingham incident follows a number of cyber attacks against educational institutions in recent years and highlights the ongoing challenges organisations face in protecting large and diverse technology estates.

What is ShinyHunters?

ShinyHunters is a recognised cybercriminal group that has been associated with data theft and extortion campaigns targeting organisations across multiple sectors. The group has previously claimed responsibility for several high-profile breaches involving the theft and publication of sensitive data.

Organisations looking to better understand the group’s tactics, techniques and previous activity can read our threat profile here:

https://zensec.co.uk/shinyhunters-ransomware/

A reminder of the importance of cyber resilience

While investigations into the Nottingham breach continue, the incident serves as a reminder of the importance of maintaining robust cyber resilience practices.

Effective cyber security is not solely about preventing attacks. Organisations must also be prepared to identify suspicious activity, respond quickly to incidents and minimise potential disruption when breaches occur.

Key areas of focus include: