UK Research and Innovation (UKRI), the government department that directs research and innovation funding, suffered a possible ransomware attack last week.
The organization has issued a statement in which it described “data being encrypted by a third-party”. However, it could not confirm whether or not any data was stolen, which is common practice for modern ransomware operators.
According to ZDNet, the attack affected two separate services: a portal used for its UK Research Office (UKRO), based in Brussels, and an extranet (often known as the BBSRC extranet) used by UKRI’s Councils.
Details are scarce, but the organization did confirm that it was still dealing with the consequences and that an investigation is ongoing.
“At this stage, we cannot confirm whether any of that data was extracted from our systems whilst investigations continue,” UKRI says. “We take incidents of this nature extremely seriously and apologize to all those affected.”
“We are working to securely reinstate impacted services as well as conducting forensic analysis to ascertain if any data was taken, including the potential loss of personal, financial or other sensitive data. If we do identify individuals whose data has been taken we will contact them further as soon as possible.”
The ransomware attack has been reported to the UK’s National Crime Agency (NCA), the National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO), the department confirmed.