At least seven UK universities have been targeted in a ransomware attack on their cloud services provider, Blackbaud, who paid an undisclosed ransom after being promised that the stolen data would be destroyed.

The attack on Blackbaud’s systems happened in May this year, but it was not publicly disclosed until 16 July. According to the BBC, institutions that were affected include:


  • University of York
  • University of London
  • University of Leeds
  • University of Reading
  • Oxford Brookes University
  • University College, Oxford
  • Loughborough University
  • Ambrose University in Alberta, Canada
  • Young Minds
  • Human Rights Watch
  • Rhode Island School of Design in the US


Blackbaud posted a statement on their website that revealed it had handed over ransom money to the cybercriminals on the assurance that any and all purloined data would be purged from their systems.

“Because protecting our customers’ data is our top priority, we paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed,” the company’s statement said.

“Based on the nature of the incident, our research and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly.”

The cloud service provider has assured that no bank account details, or credit or debit card details of any individual were accessed or at risk from the attack. The hackers were able to access data including names, gender, contact information, email address and donation history in some cases.

Some of the institutions affected, including the University of London, University of York, Oxford Brookes and Ambrose University have contacted former students, faculty staff, and donors about the breach in security to warn them that their confidential data may have been compromised.

A statement made by the University of York said that officials for the institution were working with Blackbaud to make clear the delay between discovering the attack and being notified by the service provider, as well as reviewing new security enhancements.

The university has also informed the Information Commissioner Office (ICO) about the incident and was now awaiting further guidance.

A spokesperson for the ICO said: “People have the right to expect that organisations will handle their personal information securely and responsibly.”

“The University of York has reported an incident to us, and we will be making inquiries.”

This is not the first time that British universities have been subjected to cyber-attacks. In 2018, Iranian hackers led a months-long campaign to hack into the systems of over 18 UK universities, successfully breaking through the defences of at least one of their intended targets.

The hackers tried to phish people with university log-ins in an attempt to learn their passwords. To make the emails look genuine, the group created several fake websites that looked similar to the originals.

Ransomware attacks and phishing are just some of the ways that cybercriminals attempt to hack into the systems of businesses, individuals and organisations every day. If you need to bolster your cyber security and need experts in London, contact our team today.