UK Research and Innovation (UKRI) disclosed a ransomware attack which caused disruption in its services and may have led to data theft.
The cyberattack has affected two of the group’s services: a portal used by the Brussels-based UK Research Office (UKRO) and an extranet, known as the BBSRC extranet, which is utilized by UKRI councils.
UKRI which was launched in 2018 is a public body supported by the Department for Business, Energy and Industrial Strategy (BEIS). Nine councils come together under the brand to manage research grants and to support innovative businesses and opportunities in the United Kingdom.
UKRI stated that the cyber incident has resulted in “data being encrypted by a third-party,” which implies that ransomware at fault.
UKRI has not yet disclosed concrete details about the ransomware and is still dealing with disruption to its services.
The UKRO portal is used to provide information to subscribers which comes to around 13,000 — and the extranet is the infrastructure used for peer review processing. Both services are currently suspended.
UKRI stated that they cannot confirm whether any of the data was extracted from their systems as the investigation process is ongoing.
They apologized to all those affected and said that if data has been stolen, this may include grant applications and review information contained in the portals, as well as expense claims.
However, the agency does not yet know whether financial information has been taken. They assured that they are working to securely reinstate impacted services as well as conduct forensic analysis to ascertain if any data was taken, including the potential loss of personal, financial or other sensitive data.
The ransomware attack has been reported to the UK’s National Crime Agency (NCA), the National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO).