Cambridge University Press & Assessment (CUPA), a prominent academic publisher, recently experienced a significant cyberattack that disrupted its operations. On June 27, 2024, CUPA reported technical difficulties following a breach affecting part of its publishing systems. The attack led to a temporary loss of email access for some employees, but the company is making progress in restoring full functionality.
The hacking group INC Ransomware has claimed responsibility for the incident, revealing stolen documents such as supplier invoices and service contracts on their disclosure page. Formed in August 2023, INC Ransomware is known for its sophisticated attacks and use of double extortion tactics, which involve encrypting data and threatening to release it publicly unless a ransom is paid.
This attack is part of a troubling pattern for Cambridge University, which has faced several cyber incidents this year, including attacks on its Medical School and University servers. The connection between this latest attack and previous breaches at the University Library and British Library is still unclear.
CUPA has engaged external IT and forensic experts to address the situation and is working with authorities, including the UK’s National Cyber Security Centre. Despite the disruption, the company’s external customer-facing platforms and ongoing exam series remain unaffected, and CUPA is committed to providing updates as the investigation progresses.
Reference:
