The University of Algarve (UAlg) reports that it was the victim of a cyberattack on its academic management system between 14 and 19 November. As of 8pm on 19 November, the cyberattack was mitigated by correcting the academic management system software, and the security threat was eliminated.
UAlg targeted in cyberattack
During this cyber-attack, regular activities were never interrupted, namely teaching and research, but during the period in which it occurred, personal data of some members of the academic community (candidates, students and staff) was exfiltrated.
The cyber-attack did not extract all personal data (email address, telephone contact, name and IBAN) in the same way, and the University of the Algarve has informed those affected individually about which data was affected and what measures are needed to protect it, thus complying with the obligations of the General Data Protection Regulation.
UAlg immediately reported the incident to the competent authorities, namely the National Cybersecurity Centre (CNCS), the Data Protection Commission (CNPD) and the National Unit for Combating Cybercrime and Technological Crime of the Judicial Police (UNC3T).
The University of the Algarve regrets what has happened and the possible inconvenience it may cause. UAlg has always been committed to maintaining the highest level of information security for all members of the academic community, and will continue to endeavour to maintain and improve this commitment.
