Updates to Colleagues
Issues with University IT Systems - update from Executive Board
Please see our Staff FAQs. ​A list of restored services can be viewed on the IT Service NUconnect website
IT update from Executive board - 08:00 Wednesday 4 November 2020
Dear Colleagues
As you will be aware, we have been investigating following a cyber-incident in August and this has revealed that some personal data has recently been made publicly available (on an Internet site that cannot be found by a search engine).
This affects colleagues and students and involves data extracted from the University’s email Global Address List (GAL) and some of this data is already available through other sources, such as on the University’s external websites. The data made available contains:
First name
Last name
User ID (e.g. nxx12)
Job title (for staff)
Department/Unit/School
University landline phone number (for staff)
A version of your University email address
In addition, for students it includes:
Course studying and UCAS course number
The University is continuing to investigate the full impact of the cyber-incident and it is not yet possible to provide any further information.
Please be assured that the University uses industry-standard tools and processes to record and protect account information, including passwords. We take the security of our systems extremely seriously and this remains the subject of a Law Enforcement investigation. Our team in NUIT is working with these agencies to address the issue.
All updates and information will continue to be uploaded to the incident webpages and this includes a new section of FAQs so please do take a minute to look through these and familiarise yourself with some of the recommendations.
Keeping your Information Safe
Please stay alert for phishing attempts via email, text and other social platforms. If you’re unsure a communication is genuine, simply delete it or check with the sender. Don’t respond, open attachments or click any links. For further advice on keeping information secure and to report any concerns visit https://go.ncl.ac.uk/itservice/staysecure or contact the IT Service Desk.
Thank you for your commitment and resilience and we apologise once again for any inconvenience this is causing. Our IT teams continue to work round the clock to investigate and resolve the issue and we will continue to keep you updated.
University Executive Board
14:00 Monday 28 September
We wanted to update you on the current status of our IT systems and services. We know it has been a difficult few weeks, and once again we want to thank you all for your flexibility, ingenuity and patience. IT have made progress and managed to return a number of our priority business-critical systems to service. Thank you again to our colleagues in IT. In terms of service to colleagues and students we have the following updates:
- Payroll was run successfully last week and the rest of our core financial processes are working well, albeit with workarounds in place.
- Syllabus+, which we use to create our timetable, is working and our timetable team is working incredibly hard to ensure we have a timetable in place for the start of teaching in three weeks’ time.
- Canvas, our new virtual learning environment is working, and issues with data feeds into the system have been resolved.
- Student registrations are progressing well. We will be able to issue them all with Smartcards when they arrive on campus next week.
- The Chubb and Salto door lock systems are now working again so students can get into their rooms and you should all be able to get into the buildings you would expect to have access to.
We will update you as other systems are brought back online.
Thank you again for your continued support. As the situation continues to change we will keep you updated.
With best wishes
University Executive Board
17:00 Friday 11 September
Dear colleagues,
Apologies for sending two communications in one day but these are important and urgent issues for us all.
I wanted to update you on our recent IT issues before we head into the weekend.
Firstly, while the majority of our services can be accessed by colleagues and students as normal or via the workarounds that have been put in place, we are aware of a small number of staff who have lost all access to email and associated services.
We do understand how frustrating this is but please be assured that NUIT colleagues, working with your managers, will contact you as soon as possible to help.
From the outset we were acutely aware of the challenges we faced in terms of communicating to all colleagues during this time.
Please remember that all communications related to this incident – including the staff emails - are hosted on the NUIT external site so they are available to anyone.
We have also been pointing colleagues and students to this site via social media but please can I ask for your help in reaching out to any colleagues unable to access email and update them on what is happening or direct them to the online FAQs.
Overall, we are making progress with the technical work to assess the full extent of what has happened and to restore full service. As we have said from the start, this is going to take some time to fix and we may have further unexpected disruption to services in the next few weeks.
- We have already registered over 1,000 students in the Faculty of Medical Sciences and we look forward to welcoming all other students as planned from 28th September.
- The vast majority of colleagues have IT and email access and are able to do their normal job. For those experiencing problems with access, we will contact you as soon as possible to help fix your access issues.
- Zoom and Teams are working well and our meetings and communications are working normally.
- We have communicated with all students with instructions on how to register, and with information on smartcards and access to accommodation.
- Canvas, our new VLE, is working.
- The Philip Robinson Library is open for “Click and Collect” and the Marjorie Robinson Library Rooms are open for pre-booked study space. The service for both of these is working normally.
- Exam boards will be meeting next week as planned and we are confident that they will have all the information they need to assess resits etc.
- Our student payment gateway is working and we are guiding self-funding students to correctly access the service.
- In terms of financial operations, purchase orders are being issued, bills and expense claims are being paid, student payments were made on time in September and tuition fees and other payments are being collected.
- In terms of People Services, our recruitment system is working and we are able to handle the vast majority of colleague queries. We are accelerating some of our processes so we can be confident that you will all be paid on time.
- Research proposals are being costed using workaround processes and costing templates
- Student services are available as normal for remote access and we are progressing plans for the reopening of campus-based facilities
- Business Warehouse is working and we can produce management information on relevant activities.
The technical review of all our IT systems is complex and will take time to complete thoroughly. However, from the work we have done so far, we have not yet found any evidence of any exfiltration of personal data as a result of this cyber incident.
I recognise that we still have more work to do. Timetabling is a key priority and we are finding workarounds for this in the coming days.
We also need to address operational issues with some of our door locks and will send you an update on building access early next week.
Finally, I have been really heartened by the creative and flexible approach being taken by colleagues across the University to address these areas. I know how many of you are stepping forward and offering to work through weekends and evenings to help get all our services ready for our students returning at the end of the month. Thank you, for all your hard work.
With all my best wishes
Professor Chris Day, Vice-Chancellor and President
17:00 Tuesday 8 September
Dear colleagues
We are writing to update you on the latest situation with regards to our ongoing IT issues and in particular the impact it is having on those students who returned to Newcastle this week.
Registration
As you will be aware, as a result of a cyber incident a number of our systems are currently offline. One of these is our registration system and we are working hard to find ways around this to ensure all our students can be registered for the start of term.
In FMS, our teams worked over the weekend to ensure the manual registration of over 1,000 returning medical students who started with us on Monday. This was a massive effort and we are grateful to everyone who worked so hard to complete this on time.
Unfortunately, the cyber incident has also affected the software that underpins resources in our Medical Learning Environment. This means that some of the pre-recorded lectures which our teams spent all summer preparing are currently inaccessible.
All the other material – lecture notes, PowerPoint presentations and timetables are still available and online induction was able to take place. The temporary loss of the pre-recorded lectures is extremely disappointing for all of us.
However, although some on-line resources are currently inaccessible the most important aspect of the returning students’ learning - working with patients and staff in the hospitals and general practices across our region - is proceeding as planned. We are very grateful to our clinical partners for restarting these clinical placements for our students.
Student finance
As a result of the registration system being down, a number of students have reported concerns about not being able to access their student loans.
The University is working hard to resolve the IT issues which are affecting S3P and liaising with the Student Loans Company to release the first instalment of the loans for students.
For any student whose programme starts before 28th September, we have already completed their registration to ensure they receive their loan on time. For students who are due to start programmes on 28th September, we are monitoring the situation closely but we will ensure they are registered on time to enable them to start their programme and receive their loan.
If any student is concerned about their financial situation or registration, please direct them to the student information pages at student communications
Information for colleagues
You may have seen some media coverage in respect of this cyber incident. Rest assured, we take all reports of this nature seriously and are working closely with our partner agencies whilst the investigation is progressing.
As this is a developing situation, and while the investigation is ongoing, I’m afraid we are not able to give you more detail at this stage.
IT colleagues continue to work hard on the systems recovery plan, and to support the Police and the National Crime Agency with their enquiries.
All updates and information will continue to be uploaded to the incident webpages and this includes a new section of FAQs so please do take a minute to look through these and familiarise yourself with some of the recommendations.
Remember, that as part of the standard University IT protocol, you should not be copying or sending files to your personal accounts. If you have used your work computer to input personal banking details or access your personal email then we would recommend you follow good IT practice and change your passwords.
At this time, there is no evidence that email has been widely affected and you should still be able to use Office365 to send and receive emails and to use Teams. We do know that a small number of people have been experiencing difficulties with this so please bear with us.
On behalf of the whole of EB we would like to say how grateful we are to you all for once again rising to the challenge that has been thrown at us and looking for work-arounds and solutions so that our students are not disadvantaged.
Like you, we feel sad and angry this has happened. All of you have worked so hard to ensure this group of young people - who have already been through so much this summer as a result of Covid – are able to continue their education with us here at Newcastle in a few weeks’ time.
Thank you for your commitment and resilience and we apologise once again for the inconvenience and disruption this is causing. Our IT teams continue to work round the clock to resolve the issue as soon as possible and we will continue to keep you updated.
With very best wishes
University Executive Board
09:30 Friday 4 September
Dear colleagues
Apologies for the Friday email but we have some important information we’d like to share with you before the weekend with regards to the ongoing IT issues as a result of last weekend’s cyber incident.
First though, we felt it was important to update you on our plans for the safe return to campus in light of the SAGE report which is due to be published today, and the subsequent guidance from DfE which we expect next week.
Teams across the University have been working hard on careful preparations for a measured, phased and safe return to campus in light of our new ways of working and COVID-19.
A number of mitigation measures have been put in place to ensure that our campus is COVID-secure and our own guidance on how we plan to implement physical distancing, face coverings and hygiene measures across campus, in teaching, research and office settings, is now well advanced. We have also produced information around safe travel to work and our plans to bring teams back on campus, safely.
We know how important this information is to everyone and want to reassure you that, although we have had many other challenges in recent weeks, careful work has been going on around these issues. We will be in a position to share all this information and planning with you next week, once we have had chance to digest and incorporate any additional guidance that may come through nationally.
Access to buildings
As you will be aware, as a result of the ongoing IT issues, a number of our systems have been affected. One of these is the Access Control System which has been frozen. This means we are unable to make any changes to smartcard access and as a result, some buildings are stuck in ‘lockdown’ mode and will not be accessible in the normal way.
For those staff who are planning to return to campus next week and have therefore not already used their card access, please be aware this may not work. Notices have been posted at all building access points directing you to contact the Security Office who will respond to assist you.
We realise this is less than ideal, however ESS and NUIT are working on the problem and we will be providing regular updates as, and when, a solution is found.
Corrupted emails
While most colleagues still have access to their emails via Office365 (https://office365.ncl.ac.uk), we are aware that some accounts have been impacted to greater extent by the cyber incident.
If your email is not working then please contact the IT Service Desk on 0191 208 5999 or email it.servicedesk@ncl.ac.uk.
Additional support
Our teams have been working extremely hard with a number of agencies to address the issue and are taking further measures to secure the IT estate.
The nature of the problem means it will take a number of weeks to address properly and this will be an on-going situation for some time.
Please be aware:
- Many IT services are not operating and will remain that way for the duration.
- IT services that are operating may need to be taken down without notice.
- Colleagues may lose access to their IT accounts without notice and they may not be re-enabled quickly.
- NUIT may need access to any IT system you keep or use.
Work-arounds and alternatives are being prepared, but with the IT team at a stretch, they may not be able to answer everyone’s call or email immediately.
Please be assured that NUIT and the University are doing everything they can to address this situation as swiftly as possible and return the University to a more usual way of working, albeit under COVID-19.
Please keep checking the NUIT news site for the latest updates and information about the incident at https://www.ncl.ac.uk/itservice/latest-news/
As well as keeping colleagues informed, our teams are also sending regular communications to our students about the impact the cyber incident is having on them, in particular their ability to register, book accommodation, sit online exams and submit work.
All the student communications are also being hosted on the NUIT website for information.
We are also working hard to communicate with our key partners and alumni as they are likely to be unable to access some of our services during this time.
Finally, we’d like to extend a huge thank you to our colleagues in NUIT for their continued support and hard work. This is a 24/7 task at the moment and we know they are doing everything possible to get our systems back up and running in time for our students arriving at the end of the month.
We wish everyone a lovely weekend and a huge thanks once again for all your support.
With best wishes
University Executive Board
16.20 Weds 2 September
Dear Colleagues,
Following my email yesterday I wanted to update you further on the ongoing issues we are experiencing with our IT systems.
As you know, we have suffered a cyber incident which is the subject of a Police investigation and our team in NUIT is working extremely hard with a number of agencies to address the issue.
However, we need to be prepared for the fact that this could take us some time to resolve and as such, we are now asking all Heads of Unit to invoke their business continuity plans for IT issues.
At the same time, NUIT need to make some changes to your H: Drive and Network Drives.
From 17:00 today, all files will be made read-only. This will remain in place until further notice.
You will be able to open and read the files, but not edit and save them, nor create new files on your H: Drive or Network Drives.
Only business-critical data and files which need to be accessed and changed can be transferred to your OneDrive. Any new files you need to create can also be saved on your OneDrive.
Please only transfer files that are absolutely essential and remember that as part of the standard University IT protocol, you should not be copying or sending files to your personal accounts.
You should still be able to use Office365 for email and Teams, although we do know that some people have been experiencing difficulties with this so please bear with us.
All the information you need will be regularly updated on the IT Service website at www.ncl.ac.uk/itservice/latest-news
I understand how tired everyone is feeling right now. I said last week at the end of Confirmation and Clearing what an exhausting and emotionally draining five months it had been so far this year and now I find myself once again asking you for your support and goodwill.
We still have many challenges and hurdles ahead of us and the current IT issues mean we will need to look yet again at how we can do things differently and work around the problem over the next couple of weeks.
But I have great confidence in the Newcastle University spirit and resilience. Thank you once again for your continued support.
With all my gratitude and best wishes
Professor Chris Day, Vice-Chancellor and President
13.15 Tues 1 September
Dear colleagues
As many of you will be aware, for the past 48 hours we have been experiencing issues with a number of our IT systems, many of which are currently offline.
Our investigations have now shown that we have suffered a cyber incident which is now the subject of a Police investigation and, as a result, it is going to take us some time to resolve the issue.
In order to do this safely, we may need to temporarily take our systems completely offline later today or tomorrow.
During this time, if you are working remotely, you will only be able to access a very limited set of services. As a minimum, these will include:
- Office365 (Email, Teams, OneDrive, Office Applications On-line)
- Canvas virtual learning environment
We know that some people experienced problems with their email over the weekend. This should now have been resolved so please do try again.
Our aim is to try to reinstate systems as soon as possible. However, we cannot do this until further investigations and remediations are complete. Unfortunately, we do not currently have an estimated timescale for this but it is likely to be a number of days.
We anticipate that some services will be restored earlier than others and this list will be published via the IT Service website at https://services.ncl.ac.uk/itservice/news/
Finally, we do understand the difficulties this is going to create for many people, particularly given the pressures of the past few weeks and months.
Our teams have been working round the clock over the Bank Holiday weekend to identify the problem and resolve it so please bear with us.
I will continue to keep you updated and once again, apologies for any inconvenience caused.
With thanks and best wishes
Professor Chris Day, Vice-Chancellor and President