Oxford University Career Platform Hit by Third-Party Breach
The University of Oxford notified users that its CareerConnect platform, managed by third-party Group GTI, was compromised. Exposed data includes names, email addresses, and encrypted passwords for non-SSO users. Oxford systems were unaffected; users were advised to monitor for phishing and reset passwords where applicable.
- names
- email addresses
- encrypted passwords
A third-party provider responsible for the University of Oxford’s CareerConnect platform suffered a breach that exposed names, email addresses, and encrypted passwords belonging to users who had not enabled single sign-on.
Public reporting indicates the incident occurred on systems operated by Group GTI, the external company that manages the university’s career services portal. Oxford itself was not breached, and the university promptly notified affected account holders. The data set includes information from non-SSO users only; those who log in through university credentials were not impacted. Available reporting describes the passwords as encrypted, though it does not specify the strength of the hashing method used. Oxford advised users to remain alert for phishing attempts and to change passwords on any other accounts where the same credentials might have been reused.
Want the rest of this breakdown?
Sign up free to keep reading. Members get extended access, the weekly breach digest, and a complimentary Warden™ to see if their identity is exposed in the breaches we cover.
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →