Skip to main content

Frequently Asked Questions

Frequently Asked Questions

What has happened?

On Sunday 30 August 2020, we became aware that the University had suffered a serious cyber incident which is causing operational disruption across our networks and IT systems. 

What are you doing to fix it and how long will it take?

We invoked our full incident response plans on Sunday 30 August and the incident management team is working to complete their assessment on the scope of the incident and to stabilise the situation, so as to be able to recover the University’s systems and services as safely as possible.

The aim is to do this as quickly as possible in order to minimise the impact on you, our students, and our partners, but at the same time, as safely and securely as possible.

At this point, it is not possible to give a timeline on when this will be resolved.  We will be providing updates throughout the course of our ongoing investigation, and as soon as we have further information we can share, we will provide an update.

Please keep monitoring your email, this webpage, and our Twitter and Facebook feeds.

I have lost my University email access – how can I get help?

Contact NUIT by calling 0191 2085999 or by emailing using the term “Account Reactivation” in the subject heading. A colleague will be happy to advise on getting your account safely reactivated.

Will the University still be able to welcome students at the start of term?

Our semester will commence as planned on 28 September and we have business continuity arrangements in place to register our students.  Last weekend, we registered over 1,000 Medicine and Dentistry students who started with us this week.  We look forward to welcoming other students as planned from the end of the month.

Our teams are working extremely hard to ensure this group of young people - who have already been through so much this summer as a result of Covid – are able to start here at Newcastle in a few weeks’ time.

What investigations are being carried out into the cyber incident? 

The University has a large and extensive IT estate with many systems.  Each system must now be checked carefully and thoroughly to understand the extent of any damage and to preserve any evidence for the Police.  We have been as open as we can be during this phase with both our staff and students, without risking compromising or delaying this investigation. We are sorry for the disruption this is causing to our staff, students and partners.  Our IT colleagues continue to work hard on the systems recovery plan, and to support the Police and the National Crime Agency with their enquiries.

How does the University record and collect account information for staff and students, such as passwords? 

The University uses industry-standard tools and processes to record and protect account information and, in particular, passwords.  We follow NCSC guidance on password practices. 

Is my research safe?

We have taken steps to secure and protect data stored on NUIT-managed systems.

This does not include any data stored locally or on faculty managed servers. Individuals who maintain their own local systems are advised to make appropriate checks and seek advice from NUIT if they are unsure.

Are my bank details safe – will I still get paid at the end of the month?

We have found no evidence that payroll data has been compromised and the University online payment system has not been impacted by the recent IT incident. 

Our online payments portal is managed off-site by our payment services provider and is not held on Newcastle University servers. 

Newcastle University, along with our Payment Services provider, adhere to a set of strict industry standards meaning we are compliant in our payment processing and your card details are protected and safe.

If you wish to make a payment at this time, you can do so securely by debit/credit card at

Will I be paid on time?

We are accelerating some of our processes so we can be confident that you will all be paid on time.

Which services can I still use?

The vast majority of colleagues have IT and email access and are able to do their normal job.  In addition:

  • Office365 including email, Zoom and Teams are working well and our meetings and communications are working normally.
  • Canvas, our new VLE, is working.
  • The Philip Robinson Library is open for “Click and Collect” and the Marjorie Robinson Library Rooms are open for pre-booked study space. The service for both of these is working normally.
  • Our student payment gateway is working and we are guiding self-funding students to correctly access the service.
  • Purchase orders are being issued, bills and expense claims are being paid, student payments were made on time in September and tuition fees and other payments are being collected.
  • Our recruitment system is working and we are able to handle the vast majority of colleague queries.
  • Research proposals are being costed using workaround processes and costing templates
  • Student services are available as normal for remote access and we are progressing plans for the reopening of campus-based facilities
  • Business Warehouse is working and we can produce management information on relevant activities.

Is my personal information compromised?

From the investigation so far, we have found that some personal data affecting staff and students has been made publicly available.

This data is from the Global Address List on the Outlook email system, some of which is available on the University’s external websites, and contains:

First name
Last name
User ID (e.g. nxx12)
Job title (for staff)
University landline phone number (for staff)
A version of your University email address

In addition, for students it includes:
Course studying and UCAS course number

The University is continuing to investigate the full impact of the cyber-incident and it is not yet possible to provide further information.

Please be assured that the University uses industry-standard tools and processes to record and protect account information, including passwords. Newcastle University takes the security of our systems extremely seriously and this remains the subject of a Law Enforcement investigation. Our team in NUIT is working with these agencies to address the issue.

Which email address version has been extracted from the Global Address List (GAL)?

The extract contains a partial internal representation of the X.500 version of the email address and not the more commonly recognisable ‘friendly’ combination of initials and last name eg. or the SMTP version.

Is any of my saved work lost?

The University is continuing to investigate the full impact of a cyber incident.  It is possible any changes to data made on Saturday 29th and Sunday 30th August will not have been saved so we would advise colleagues to check this. 

How long do you estimate it will take to fully restore access to the systems?

Overall, we are making progress with the technical work to assess the full extent of what has happened and to restore full service. As we have said from the start, this is going to take some time to fix and we may have further unexpected disruption to services in the next few weeks.

Will I need to be involved in restoring the system, or will NUIT handle everything?

We will need assistance from system users in some cases and we will make contact (if this is the case) via the Faculty IT managers.

What are the implications for my relationship with external partners?

A statement has been published for our external partners at 

Do I need to reset my passwords?

We are working through recommendations from both our internal support teams and third parties.  It is possible we will need to reset all NU user accounts but we will let you know when this needs to happen. Please do not do this until we notify you.

Are the systems accessible from campus?

Access is currently the same on campus and off campus.  We will let you know with as much notice as possible if this needs to change.

How will this affect the start of term (both staff and students)?

The priority is to ensure materials are available for on-campus and on-line induction and on-line teaching ready for the start of the semester.  This may mean developing new materials as a contingency should access to your existing materials not be available.  You can access common Microsoft packages via your Office365 login at  When creating new materials please save items to your University OneDrive for Business and they can be uploaded into restored systems at a later date.


NUProjects is unavailable due to the cyber incident. FAQs re applications and awards for external funding:

How do I go about costing applications for external funding in the absence of NUProjects?

Alternative methods of costing and approving applications have been put in place in order to enable applications to continue to be prepared and submitted. Colleagues should liaise with the relevant Research Officer / Project Support Team in the normal way for the costing of research applications. For consultancy and CPD projects, you should liaise with the Commercial Projects team.

Application details will be retrospectively input in to NUProjects when the system becomes available again.

I am the recipient of a research award and need the RES account to be set-up so that I can access the funding. Is this possible?

Yes. Alternative methods of setting up projects have been put in place however urgent cases will be prioritised e g where recruitment or a funder invoice is required. A copy of the award letter/contract will be required as normal. Similar alternative methods have also been put in place for consultancy and CPD projects which may require urgent account set-up.

The necessary data will be retrospectively input in to NUProjects when the system becomes available again.