Cyber Incident Victim: South Eastern Regional College
Date:
Jun 2018
Location:
United Kingdom
Summary
A cybersecurity incident at South Eastern Regional College potentially exposed personal and financial data, including bank account numbers and sort codes, belonging to hundreds of staff members. The breach was detected through monitoring of suspicious email activity, prompting the institution to notify affected individuals, establish a helpline, and report the incident to law enforcement and data protection authorities. While the college confirmed no evidence of data exfiltration and characterized communications as precautionary, staff were advised to monitor their accounts for fraudulent activity. The PSNI Cyber Crime Center engaged with the institution during the response.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On June 28, 2018, South Eastern Regional College (SERC) discovered a significant security breach during routine monitoring of suspicious email activity, potentially exposing personal and financial data of hundreds of staff members. Chief Executive Ken Webb notified affected employees via letter, confirming unauthorized access might have compromised sensitive information including bank account numbers and sort codes. The breach impacted SERC's workforce of over 1,000 full-time and part-time staff, though the institution's 8,000 student population appeared unaffected based on available reports. Webb's communication advised staff to vigilantly monitor their bank accounts for fraudulent transactions or identity theft indicators, while formally apologizing for the security failure. The college promptly reported the incident to both the Police Service of Northern Ireland (PSNI) and the UK Information Commissioner's Office, fulfilling mandatory data breach notification obligations under relevant regulations.
PSNI's Cyber Crime Centre, led by Detective Chief Inspector Michael Harvey, confirmed active liaison with SERC to investigate the email hacking incident, though no public details emerged regarding potential threat actors or attack vectors. The college established a dedicated helpline for concerned staff while maintaining that communications about data exposure were precautionary, emphasizing investigators found no conclusive evidence that personal information had actually been exfiltrated or misused. This incident marked one of Northern Ireland's largest further education sector breaches at the time, highlighting vulnerabilities in institutional email systems despite SERC's assertion of taking data protection "very seriously." The college's public statements focused on containment and stakeholder reassurance rather than disclosing technical specifics about the breach's origin or duration. No subsequent reports of financial fraud or identity theft directly linked to this breach were documented in the available source material following the initial disclosure.