The U.K. Research and Innovation (UKRI) center confirmed that it suffered a ransomware attack that encrypted sensitive data and affected two of its services – a portal for the U.K. Research Office (UKRO) based in Brussels and an extranet (also known as the BBSRC extranet) used by Councils.
The UKRO portal provides research information to the subscribers, and the BBSRC extranet is used for peer review processing. UKRI temporarily suspended both the services to avoid further damage.
UKRI is a government entity supported by the Department for Business, Energy, and Industrial Strategy (BEIS) to manage investments in science and research and support innovative business opportunities in the U.K. The compromised information included grant applications, expense claims, and review data hosted in the portals. However, there is no information on whether any financial information has been compromised in the incident.
UKRI has reported the security incident to the U.K. National Crime Agency (NCA), the National Cyber Security Centre (NCSC), and the Information Commissioner’s Office (ICO).
“UKRI councils and a number of cross-cutting schemes use the impacted extranet for some of their peer review activity as a result the data that has been compromised includes grant applications and review information. Although we do not know at this stage whether the data has been taken. We are working to securely re-instate impacted services as well as conducting forensic analysis to ascertain if any data was taken, including the potential loss of personal, financial or other sensitive data,” UKRI said.
The number of businesses in the U.K. affected by cyberattacks has increased after the country went into lockdown. Several organizations suffered over 177,000 targeted attacks between April and June 2020, which accounts for one cyberattack every 45 seconds. Organizations in the U.K. need to take the necessary actions to improve their cybersecurity resilience and keep their employees and data as secure as possible.
 suspended its operations after unknown third-party actors compromised two of its services in a ransomware attack.){kind=link}