Cyber Incident Victim: University of Portsmouth

The University of Portsmouth experienced a significant disruption to its IT network on or around April 13, 2021, leading to the closure of its campus. The institution publicly attributed the incident to unspecified “technical disruption,” but external reports indicated the event was believed to be a ransomware attack. The university announced the campus closure through its website, stating buildings would remain closed until April 19. This timeframe coincided with the university’s scheduled Easter break, during which students were already away from campus. The university’s public notice advised stakeholders to “bear with us while we address the issue” and promised updates as more information became available. No further technical details about the attack vector, ransomware variant, or initial detection methods were disclosed in the immediate aftermath.

The incident caused operational disruptions to university services reliant on the compromised IT network, though academic impacts were mitigated by the timing during a scheduled break. The campus closure represented a tangible containment measure, suggesting the attack affected critical infrastructure beyond isolated systems. The university did not disclose whether data exfiltration occurred, whether a ransom demand was issued, or which specific systems or data were compromised. Recovery efforts remained ongoing at the time of reporting, with the university committing to restoring operations by April 19. No law enforcement statements or third-party forensic investigations were referenced in the initial public communications.