The University of Nottingham data leak indexed by leaksear.ch contains 332,810 records, about 333,000, from a June 10, 2026 breach, including student and applicant names, contact details, dates of birth and academic or application data (leaksear.ch metadata). Have I Been Pwned separately lists 454.6 thousand affected accounts for the broader incident, after data tied to current students and alumni was published online in a ShinyHunters pay-or-leak campaign (haveibeenpwned.com).
What happened
Public reporting places the incident inside the university's student record environment. ITV reported that the University identified unauthorized activity on its Campus Solutions system, took affected systems offline, said a significant amount of student record data had been accessed by a cybercriminal group, and reported the incident to Action Fraud and the Information Commissioner's Office (itv.com).
The Record and SecurityWeek reported that ShinyHunters claimed responsibility and published or listed files from the university, with the group claiming more than 40GB of material. Confirmed facts are narrower: the university said student and alumni data was accessed and that it was still working with investigators and a platform-maintenance third party to verify the exact scope; the initial access vector has not been confirmed in the public reporting reviewed for this article (therecord.media, securityweek.com).
The Record also noted that ShinyHunters has previously misrepresented access in extortion attempts, so its claims about the volume and composition of stolen material should be treated as allegations unless confirmed by the university or a forensic finding (therecord.media).
What data was exposed
leaksear.ch indexing metadata lists searchable values for address, country, date of birth, email address, name, phone number and username. The same metadata lists stored context that includes academic data, applicant and application data, demographic data and institutional identifiers such as applicant IDs, student IDs and UCAS person IDs (leaksear.ch metadata).
Public breach sources describe a wider set of categories in the published files, including names, addresses, phone numbers, passport numbers, ethnicity, disability, citizenship status, genders, usernames, academic enrolment and fee-payment data. Recorded Future News also reported that the university was operating on a precautionary assumption that contact information, course information, student or staff IDs, financial information and protected characteristics may have been accessed (haveibeenpwned.com, therecord.media).
Why this matters
The risk is not limited to spam: contact details combined with dates of birth, usernames, institutional IDs and course or application context can make targeted phishing, account-recovery abuse and university payment scams more convincing (leaksear.ch metadata). Because public reports include possible financial information and government or passport identifiers, affected people should monitor bank and credit activity where relevant and be cautious of messages about tuition, refunds, visas, housing or account support (therecord.media, haveibeenpwned.com). The U.S. FTC advises people exposed in a data breach to watch for unrecognized accounts or charges, consider fraud alerts or credit freezes when appropriate, and report identity theft through IdentityTheft.gov (consumer.ftc.gov). If you have studied at, applied to or otherwise had records with the University of Nottingham, use the exposure check on this page to see whether your own data is present in this leak.
Check your exposure
Vetted researchers and incident-response teams can request access or sign in if they already have access to check this dataset. Searchable pivots for this leak include address, country, date of birth, email, name, phone, and username.
Sources
- Have I Been Pwned: University of Nottingham Data Breach
- SecurityWeek: University of Nottingham Confirms Breach After Hackers Leak Data
- The Record: University of Nottingham confirms cyber incident as Shiny Hunters group claims data theft
- ITV News: University of Nottingham student and alumni data accessed in hack by cybercriminal group
- Federal Trade Commission: What To Know About Identity Theft