Oxford University Suffers Second Data Breach in a Month, Exposing Alumni and Staff Data
Oxford University has confirmed a second data breach in under a month, this time targeting CareerConnect, its career services platform, on May 28. The attack exposed the personal data of alumni, research staff, and recruiters, marking another security incident for the institution following a prior breach in April.
The compromised platform, CareerConnect, is operated by London-based tech firm Group GTI and serves as a job-matching tool for students, graduates, and employers. The breach exposed full names and email addresses of affected users, while those not using single sign-on (SSO) authentication also had their encrypted passwords leaked. Oxford stated that no course details, uploaded files, appointment data, or financial records were accessed.
The university attributed the attack to a patched security vulnerability and has since reset passwords for impacted accounts. Group GTI, the platform provider, informed Oxford that the hack appeared to be credential-focused, potentially enabling future phishing attempts. However, the company has not publicly released further details.
Given that Group GTI’s TargetConnect platform supports career services for 8,800 educational institutions worldwide, concerns remain over whether Oxford was the sole target or if other universities may have been affected but have yet to report breaches. The incident follows a broader pattern of cyber threats against academic institutions, with 275 million students, teachers, and employees globally impacted by similar attacks in recent months.
Source: https://www.thenews.com.pk/latest/1404975-oxford-university-hit-by-second-data-breach-in-a-month
Group GTI cybersecurity rating report: https://www.rankiteo.com/company/gti-futures
"id": "GTI1780755836",
"linkid": "gti-futures",
"type": "Breach",
"date": "5/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Alumni, research staff, recruiters',
                        'industry': 'Education',
                        'location': 'United Kingdom',
                        'name': 'Oxford University',
                        'type': 'Educational Institution'},
                       {'industry': 'Technology',
                        'location': 'London, United Kingdom',
                        'name': 'Group GTI',
                        'type': 'Technology Firm'}],
 'attack_vector': 'Patched security vulnerability',
 'data_breach': {'data_encryption': 'Encrypted passwords exposed for non-SSO users',
                 'personally_identifiable_information': 'Full names, email addresses',
                 'sensitivity_of_data': 'Low to medium (full names, email addresses, encrypted passwords)',
                 'type_of_data_compromised': 'Personal data'},
 'date_detected': '2024-05-28',
 'impact': {'brand_reputation_impact': 'Yes',
            'data_compromised': 'Full names, email addresses, encrypted passwords (for non-SSO users)',
            'identity_theft_risk': 'Potential phishing risk',
            'systems_affected': 'CareerConnect platform'},
 'investigation_status': 'Ongoing',
 'motivation': 'Credential-focused, potential phishing',
 'post_incident_analysis': {'root_causes': 'Patched security vulnerability'},
 'references': [{'source': 'Cyber Incident Description'}],
 'response': {'containment_measures': 'Password resets for impacted accounts'},
 'type': 'Data Breach',
 'vulnerability_exploited': 'Patched security vulnerability'}