The University of Nottingham (nottingham.ac.uk) in GB was targeted by ransomware activity attributed to shinyhunters, resulting in the compromise of over 40 GB of billing and payment records along with student finance data and campus portal exports from its Malaysia and China operations. Exfiltrated information included credit card and payment details and sensitive personal and transaction data such as payer contact details, IP addresses, full names, home addresses, postcodes, emails, phone numbers, and dates of birth. #UnitedKingdom
Incident Details
- Victim: nottingham.ac.uk
- Sector: Education
- Country: GB
- Actor: shinyhunters
- Source:
- Discovered: 2026-06-09T19:26:21.804789+00:00
- Published: 2026-06-09T19:26:19.058082+00:00
Information
- Over 40 GB of billing and payment records, credit card and payment details, student finance data, and campus portal exports from the University of Nottingham and its Malaysia and China campuses were compromised.
- The exposed data included payer contact information, transaction amounts, IP addresses, full names, home addresses, postcodes, email addresses, phone numbers, dates of birth, and other internal campus data.
- Size: 19GB+ (compressed)
- Updated: 10 June 2026
- SHA256: d3aaaf06dd857deec3866072cc2876780623d880992e8d735094db4779535873
Disclaimer: This post is based on public claims made by the ransomware group "shinyhunters". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.