RSS

Oxford University discloses data breach after careers platform hack

Brajeshwar1 pts0 comments

Oxford University discloses data breach after careers platform hack

Home<br>News<br>Security<br>Oxford University discloses data breach after careers platform hack

Oxford University discloses data breach after careers platform hack

By Sergiu Gatlan

June 8, 2026

07:14 AM

The University of Oxford disclosed a new data breach last week after being informed by its third-party provider, Group GTI, that its CareerConnect career services platform had been compromised.

This platform is also used by other UK educational organizations, such as King's College London and the University of Manchester, to run their institution-specific career hubs.

Founded in 1096, Oxford is a collegiate research university comprising 43 autonomous colleges with more than 26,000 students and over 5,900 research, teaching and research support staff, and is the oldest university in the English-speaking world.

Oxford University said the CareerConnect platform was breached on May 28 by attackers who gained access to users' first names, last names, email addresses, and encrypted passwords (for users who do not sign in using Single Sign-On (SSO).

"Alumni, research staff and employer users access CareerConnect with a password set locally on CareerConnect. These passwords were invalidated by GTI and users will be asked to reset their password next time they sign in," the university said.

"There is no evidence that course information, uploaded files, appointment information, or financial information were involved in this incident. GTI has stated this breach appeared to be focused on gathering credentials which may lead to phishing attempts."

The institution noted that the incident affected only GTI's third-party system and that there is no evidence that the attack has compromised university systems. Additionally, GTI and the university have found no evidence that students' passwords or financial information have been accessed.

It also warned staff, students, and external CareerConnect users that they might be targeted by phishing or scam emails.

This is the second data breach disclosed by Oxford University this year, following the ShinyHunters extortion gang's breach of Instructure's Canvas learning management system (LMS), which the university uses, in early May.

After the attack, the hackers claimed to have stolen 280 million records tied to students and staff from 8,809 colleges, school districts, and online education platforms worldwide. Instructure reached an agreement with the cybercrime group, saying that the hackers returned the stolen data and provided shred logs confirming its destruction.

Oxford University confirmed it was one of the victims, adding that its systems were not compromised and that the exposed data was limited to usernames, Canvas email addresses, messages exchanged between users on the platform, course names, and course enrolment information.

An Oxford University spokesperson was not immediately available when contacted by BleepingComputer earlier today for comment on the CareerConnect data breach.

Test every layer before attackers do

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.<br>The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper

Related Articles:

Over 20,000 Instagram accounts stolen in Meta AI support hack<br>What 2026 DBIR Confirms: Attacks Are Living in the Browser<br>DentaQuest data breach exposed info of 2.6 million accounts<br>UN food agency discloses breach affecting 600,000 Gaza households<br>NCSC's &lsquo;Proactive Notifications&rsquo; warns orgs of flaws in exposed devices

CareerConnect

Data Breach

Oxford

Oxford University

UK

Sergiu Gatlan

Sergiu is a news reporter who has covered the latest cybersecurity and technology developments for over a decade. Email or Twitter DMs for tips.

Previous Article

Next Article

Post a Comment Community Rules

You need to login in order to post a comment

Not a member yet? Register Now

You may also like:

Popular Stories

Cisco warns of unpatched SD-WAN zero-day exploited in attacks

CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers

Chinese APT deploys new malware to keep access to hacked networks

Sponsor Posts

Your AI tools are leaking sensitive data. Get a free audit.

New webinar: Behind-the-scenes of device code phishing kits

Build cyber resilience with Wazuh: The open-source SIEM & XDR for proactive protection

Your last pentest was 345 days ago. What changed since then?

The State of Healthcare Credential Exposure in 2026: Read the (Ungated) Report

Login

Username

Password

Remember Me

Sign in anonymously

Sign in with Twitter

Not a member yet? Register Now

Reporter

Help us understand the problem. What is going on with this comment?

Spam

Abusive or Harmful

Inappropriate content

Strong language

Other

Read our posting guidelinese to learn what content is...

university breach oxford data platform careerconnect

Related Articles

The Newest Instagram "Exploit" Is the Goofiest I've Seen

ssiddharth34 ptsaccount attacker email instagram seen like

It's Not Just X. It's Y

mooreds21 ptslanguage model writing like grammarly human

Amazon, Facebook, FBI have access to a private intelligence-sharing network

root-parent18 ptsseattle prism shield network private intelligence

Show HN: GoPeek – open links in live mini browser windows without new tabs

GeorgeWoff2518 ptsgopeek open browser links live mini

Agent Memory: An Anatomy

brgsk17 ptsmemory library user agent semantic libraries
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.