The University of Cambridge medical school’s IT system has been hit by a cyber attack, hampering the work of staff in the department.

The attack, which occurred five weeks ago, led the Medical school to voluntarily take some of their systems offline. The University claims it has “contained” the attack, but stated that disruption is still ongoing and its investigations will likely take some time to complete.

An email sent to staff at the end of February alerted them of “malicious activity”, and stated that “some staff and students are experiencing significant disruption to their work”. The email also assured staff that the university was working to get systems back online as soon as possible.

A further email stated that following the attack there was no access to the local IT network and Wi-Fi, and wired internet access had been turned off in impacted buildings, with the Wi-Fi set to be turned on again that same day.

In a statement, the university said relevant authorities had been informed and restoring files and service had begun but “will take some time”. They also said there was no evidence any data had been taken and the incident was contained.


Mountain View

Cambridge faces cyber attack

The attack is the third known cyber attack to affect Cambridge in recent months, with the University Library and University servers being subject to separate attacks. It is unclear whether this “malicious activity” is related to either of these events.

The UK’s data regulator, the Information Commissioner’s Office stated that the University of Cambridge had made it aware of an incident and that the regulator is “making enquiries.” A spokesperson for the UK’s National Cybersecurity Centre said it is “working with the University of Cambridge to fully understand the impact of an incident”.

An email sent to staff following the attack advised that people change their passwords immediately if they receive a notice saying someone else has logged in to their account from another device.