Cambridge University Press & Assessment (CUPA) has been hit by a cyber attack, jeopardising the work of its employees.

In a statement on Thursday (27/06), CUPA announced they were facing “technical disruption following a cybersecurity incident affecting part of our publishing operation”.

CUPA is the publishing house of the University of Cambridge, as well as an academic department. It has a global sales presence, with offices in over 40 countries, and is one of the oldest publishing institutions in the world.

Some colleagues were experiencing a “temporary loss of email access”, the publishing house said. They stated that “we are making good progress in restoring access”.

Hacking group INC Ransomware has reportedly claimed responsibility for the attack. On June 24, the group published information related to the attack on its disclosure page, including stolen documents such as supplier invoices, service contracts, and other confidential correspondence, as proof of their action.

INC Ransomware, which was formed in August 2023, has been described as a “highly sophisticated” group that appears to carefully select its targets, typically those with significant financial resources and sensitive data.

The group reportedly deploys strategies of double extortion. Cybercriminals using this method steal and encrypt victims’ data, before threatening to publicly disclose the information if a ransom is not paid.

The attack is the latest in a series of cyber attacks to impact Cambridge this year, with the Medical School, University Library and University servers all being subject to separate attacks in recent months. It is unknown whether this latest action is related to any of these previous events.

A spokesperson for Cambridge University Press & Assessment said: “We recently experienced a cybersecurity incident, affecting a part of our publishing operation. As soon as we became aware of the incident, we took some of our systems offline as a precautionary measure and engaged external IT and forensic experts to respond to and investigate the matter. ”

“Despite the disruption, the majority of our external customer-facing platforms are working as normal and there has been no impact on the current exam series. We are aware that a group has claimed that data relating to our organisation has been published online. We are working to investigate with external experts and authorities, including the UK’s National Cyber Security Centre.”

“Experts have advised that the investigation will take some time to complete, and we will continue to provide our colleagues, customers and stakeholders with updates as soon as we can,” they continued.