Cyber Incident Victim: Dundee and Angus College
Date:
Jan 2020
Location:
United Kingdom
Summary
Dundee and Angus College experienced a cyber attack that disrupted key systems and services, forcing the cancellation of classes and temporary campus closures. The institution restored access to core student platforms including MyLearning, webmail, and OneFile within a week, though some systems like course applications remained offline. All campuses reopened with support for password resets and device checks, while student placements, bursary payments, and nursery services continued unaffected. Interviews were postponed and rescheduled, with cash-only transactions implemented at dining facilities. The college leveraged its Cyber Essentials Plus accreditation during recovery, acknowledging ongoing restoration efforts while confirming no financial impacts to students.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Dundee and Angus College experienced a cyber attack on Friday, January 31, 2020, which disrupted key systems and services across all campuses. The attack forced the immediate cancellation of all classes, including evening sessions and school pupil programs, while staff worked continuously to restore operations. By Wednesday, February 5, Principal Grant Ritchie confirmed campuses would reopen on Thursday, February 6, with Arbroath, Kingsway, Gardyne, and Forfar resuming normal class schedules. Critical student-facing systems such as MyLearning, webmail, and OneFile were restored for on-campus and remote access, though the student application system remained offline pending further repairs. Interviews scheduled during the closure week were postponed and would be rearranged, with applicants notified later. Facilities including Gardyne Gym and Swim, Arbroath Helping Hands Nursery, and Dine@ (cash-only operations) reopened alongside academic services. The college emphasized that bursary payments and student placements would proceed unaffected despite the disruption.
Recovery efforts progressed significantly by February 7, one week post-attack, with students returning to campuses and receiving support for password resets and device checks. Staff distributed a Frequently Asked Questions guide and provided direct assistance to address concerns. Principal Ritchie acknowledged the college’s Cyber Essentials Plus accreditation—a government-backed security standard—as instrumental in the recovery but noted residual challenges, including intermittent system access issues. No evidence suggested student data compromise, though the attack’s origin and method remained unspecified. The college praised staff, partners, and students for their patience and collaboration during the restoration period. All evening classes resumed the following week, and operational normalcy was largely reestablished, though full system functionality required ongoing remediation. Ritchie reiterated the institution’s commitment to minimizing academic disruption and maintaining student support throughout the recovery phase.