Cyber Incident Victim: SOAS University of London
Date: Sep 2022
Location: United Kingdom
Summary
The School of Oriental and African Studies experienced a cyber attack by the Vice Society hacking group, leading to a limited data breach involving staff contracts, budget details, and approximately 18,680 internal files. The stolen data was leaked on the dark web after the institution had prevented further escalation, notified affected individuals and restored key systems. The incident formed part of a broader campaign targeting multiple educational establishments, with hackers exploiting sensitive information such as student records, passport scans, and financial documents. The organization collaborated with cybersecurity specialists and authorities to investigate the breach while maintaining operations.
Description
The School of Oriental and African Studies (SOAS) in London was compromised in a cyber attack by the hacking group Vice Society around September 28, 2022. The breach resulted in unauthorized access to internal systems and the theft of sensitive institutional data. Attackers exfiltrated approximately 18,680 files containing staff employment contracts, budget details, and other confidential documents. Vice Society, known for targeting educational institutions in the UK and US, subsequently leaked the stolen data on the dark web—a hidden internet segment requiring specialized software to access. The group’s established pattern involved extorting victims by threatening to publish stolen data unless ransoms were paid. SOAS confirmed the incident publicly following the BBC’s investigation in late 2022, acknowledging the breach’s limited scope but not disclosing whether a ransom demand was received or paid.

SOAS activated its incident response protocols upon detecting the breach, successfully preventing further escalation of the attack. The university notified affected staff and students about the compromise and initiated direct communication with individuals whose data was exposed. Forensic specialists were engaged to secure systems and assess the breach’s full impact. Key operational systems were restored, though the attackers had already extracted and leaked the data. The breach exposed sensitive personnel information, including contractual terms and financial records, creating privacy risks for staff. SOAS collaborated with relevant authorities, including the UK’s Information Commissioner’s Office (ICO), which investigates data protection violations. No student academic records or research data were confirmed as compromised in the public disclosure. The incident highlighted broader vulnerabilities in the education sector, where resource constraints often limit cybersecurity preparedness against financially motivated threat actors like Vice Society.
