The University of Cambridge has said that 4,000 users of its computer service, whose data was found to be vulnerable to exploitation by third parties today, have since had their accounts secured.

The University Information Services (UIS) sent an email at midday today to those whose data was suspected to be at risk, urging users to check whether they had stored any sensitive information on DS-Filestore – the backing-up service for all University members which holds users’ personal files – and to change their Raven passwords.

A University spokesperson said that “University Information Services (UIS) has no reason to believe that users’ data has been exploited.”

The vulnerability in users’ data was discovered during a series of IT security checks, which found that work and study materials on DS-Filestore and on the Managed Cluster Service (MCS) – the managed desktop service available to Cambridge staff and students – were briefly accessible to third parties due to “an encrypted administrative key that was inadvertently exposed”, according to a statement on the UIS website.

Caius student Toby Ashworth, who received the email from UIS, said: “My initial reaction was thinking it was a spam email, as I have received a similar spam message before (from my college’s IT department).”

His brother called the UIS to find out if it was legitimate. He said that “once I knew it was legitimate I followed the instructions to check that I didn’t have anything stored in my filespace (I didn’t as I rarely use it) and then I changed my Raven password.”