04 June 2021

The cyberattack on Glasgow Caledonian University on Friday May 14 has not so far yielded evidence of data theft and ransom note in the code, the institution said.

Officials described the incident, which downed IT systems, as a ‘limited cyberattack’, which was detected early and led to technical teams working throughout the weekend to contain its spread.

Cyber security experts have been brought in to work on the incident with support from Police Scotland, the National Cyber Security Centre (NCSC) and the Scottish government’s Cyber Resilience Unit.

“Last Friday (14th May), our IT security software and staff identified that GCU had been subject to a limited cyberattack,” a Glasgow Caledonian University spokesperson said in a statement. “Unauthorised access was detected early and our team worked over the weekend to contain it and limit any potential damage. There is no evidence to suggest data has been compromised, nor that ransomware is present.”

As a precaution, the university said access to some limited IT systems have been restricted until a full evaluation and any necessary remedial action is completed. The spokesperson added that the university “will look to have all systems fully functional” at the earliest possible opportunity. They also said that telephone lines are temporarily affected, though students and staff will naturally contact us by email, messaging systems and calls diverted to mobile phones.

The university said all of its students have been made aware of the attack. Students wishing to contact the university in relation to this matter can still do so by emailing studentsupport@gcu.ac.uk, it said.