---
title: "Cybersecurity News, AI Email Security: Next-Gen, Manchester Students' Data Leak, Russian APT: Email Server Breach | DMARC Report"
description: "Cybersecurity News, AI Email Security: Next-Gen, Manchester Students"
image: "https://dmarcreport.com/og/blog/news-email-security-data-leak-email-breach.png"
canonical: "https://dmarcreport.com/blog/news-email-security-data-leak-email-breach/"
---

Quick Answer

Listen to this blog post below

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fnews-email-security-data-leak-email-breach%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20News%2C%20AI%20Email%20Security%3A%20Next-Gen%2C%20Manchester%20Students'%20Data%20Leak%2C%20Russian%20APT%3A%20Email%20Server%20Breach&url=undefined%2Fblog%2Fnews-email-security-data-leak-email-breach%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fnews-email-security-data-leak-email-breach%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fnews-email-security-data-leak-email-breach%2F&title=Cybersecurity%20News%2C%20AI%20Email%20Security%3A%20Next-Gen%2C%20Manchester%20Students'%20Data%20Leak%2C%20Russian%20APT%3A%20Email%20Server%20Breach "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20News%2C%20AI%20Email%20Security%3A%20Next-Gen%2C%20Manchester%20Students'%20Data%20Leak%2C%20Russian%20APT%3A%20Email%20Server%20Breach&body=Check out this article: undefined%2Fblog%2Fnews-email-security-data-leak-email-breach%2F "Share via Email") 

![Cybersecurity News, AI Email Security: Next-Gen, Manchester Students' Data Leak, Russian APT: Email Server Breach](https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg) 

Listen to this blog post below

> The organizations that invest in email authentication early save themselves from expensive incidents later, says Vasile Diaconu, Operations Lead at DuoCircle. We see the pattern constantly: a domain gets spoofed, customers lose trust, and the remediation effort costs 10x what proactive DMARC setup would have cost.

The three core email authentication standards - SPF ([RFC 7208](https://datatracker.ietf.org/doc/html/rfc7208)), DKIM ([RFC 6376](https://datatracker.ietf.org/doc/html/rfc6376)), and DMARC ([RFC 7489](https://datatracker.ietf.org/doc/html/rfc7489)) - work together to verify that an email genuinely originates from the domain it claims to represent. Since February 2024, Google and Yahoo require all three for bulk senders. With malicious actors employing innovative techniques to infiltrate network systems using [phishing](https://dmarcreport.com/blog/phishing-smishing-vishing-everything-you-need-to-know/) emails, organizations must deploy AI/ML-powered email [phishing protection](https://dmarcreport.com/blog/phishing-protection-why-are-so-few-using-dmarc/) systems to prevent data privacy violations. Here are the latest email security-related updates:

## AI-Powered Email Security Is the Next Big Thing in Cybersecurity, Next-Gen Email Threat Protection

With AI (Artificial Intelligence) ruling the roost in the industry, it is no surprise that cybersecurity experts are turning to it for **email protection**. Modern tools like [Trustifi](https://trustifi.com/) can identify malicious email behavior and nip the chances of a cyberattack in the bud.

With cyberattacks becoming more sophisticated, traditional email phishing protection techniques no longer hold good. Hence, adopting AI has become the \*\*go-to solution for all organizations to ensure effective and efficient [email security](https://dmarcreport.com/). AI and ML (Machine Learning) can perform better with higher efficiency . However, the following must be considered seriously:

- AI/ML systems only work if it has uncorrupted data for support.
- It is essential to incorporate data into \*\*AI-human intervention ML algorithms to ensure success.
- AI-powered solutions work well if [organizations](https://dmarcreport.com/blog/what-is-dmarc-compliance-and-how-can-you-achieve-it/) recruit AI-focused cybersecurity staff with data analytics and science expertise.
![Dmarc record](https://media.mailhop.org/dmarcreport/images/2023/06/dmarc-record-9.jpg) 

## The University of Manchester Students Warned of an Imminent Data Leak

Threat actors have become bolder, and they have begun warning students of [educational institutions](https://www.jpost.com/business-and-innovation/all-news/article-713738) like the University of Manchester of \*\*leaking their data and other credentials on the internet if their ransom demands are not met .

On June 6, 2023, threat actors managed to infiltrate the University of Manchester’s servers and steal [7 TB of data](https://www.bleepingcomputer.com/news/security/hackers-warn-university-of-manchester-students-of-imminent-data-leak/) belonging to students, lecturers, and administration staff. The malicious actors have \*\*sent an email to the University asking for a ransom. While the University has confirmed the attack on its network and likely data loss, it has ruled out similarities with the recent \*\*MOVEit Transfer Data Theft attacks or the data breach at Zellis.

The University has not confirmed the ransom, but the information security reporter Bleeping Computer has learned it was a ransomware attack. Besides, the threat actors have emailed students and shared with Bleeping Computer that they have stolen 7 TB of data , including personal credentials, research data, police reports, medical data, HR documents, drug test results, finance documents, and databases.

## Russian APT Group Caught Red-handed While Compromising Roundcube Email Servers

Cybercrime does not know any international borders, with Russia always at the forefront of launching [cyberattacks](https://healthitsecurity.com/news/global-cyberattacks-increased-by-38-last-year-healthcare-hit-hard) on **other countries’ networks**.

A malicious Russian group has been caught red-handed while [infiltrating Roundcube](https://www.securityweek.com/russian-apt-group-caught-hacking-roundcube-email-servers/) email servers to spy on Ukraine’s military installations and government institutions.

Recorded Future, a threat intelligence organization, has advised that malicious actors use \*\*Roundcube server infections to run exfiltration scripts and reconnaissance runs, redirecting incoming emails to gather user credentials, address books, and [session cookies](https://www.esecurityplanet.com/threats/hackers-steal-session-cookies-to-bypass-mfa/).

Recorded Future has documented the activity along with Ukraine’s CERT-UA (Computer Emergency Response Team) and attributed it to Russia’s GRU Military Spy Unit. The attack involves **sending phishing emails**, encouraging recipients to open them, and compromising vulnerable Roundcube servers.

![How to create dmarc record](https://media.mailhop.org/dmarcreport/images/2023/06/how-to-create-dmarc-record-3561.jpg) 

## American Airlines, Southwest Airlines Issue Data Breach Notification Affecting Pilots

Two of the world’s largest airlines, American Airlines and Southwest Airlines, recently disclosed [data breaches](https://simpleflying.com/british-airways-payroll-data-breach/) caused because the hackers compromised \*\*Pilot Credentials from a third-party vendor managing multiple airlines’ recruitment portals and pilot applications. Both airlines published a notice notifying about the Pilot Credentials breach, which they say was limited to the thirty-party vendor’s systems. Thus, the breach had \*\*no impact on the airlines’ systems and networks.

An \*\*unauthorized person accessed Pilot Credentials’ systems and stole documents that contained information provided by applicants in their pilot and cadet hiring process. According to the breach notifications that the companies filed with Maine’s Office of the Attorney General, Southwest said the data breach impacted 3009 pilots and applicants, while American Airlines reported 5745\. [American Airlines](https://www.bleepingcomputer.com/news/security/american-airlines-learned-it-was-breached-from-phishing-targets/) said the data includes personal information like name, date of birth, Social Security number, passport number, **Airman Certificate number**, driver’s license number, and other government-issued identification numbers(s).

Although there is no evidence indicating that [hackers](https://www.cpomagazine.com/cyber-security/russian-hackers-killnet-executed-a-cyber-attack-on-european-air-traffic-control-agency-eurocontrol/) specifically exploited pilots’ personal information to commit fraud, the airlines said that from now, they would direct all the cadet and pilot applicants using \*\*self-managed internal portals.

Southwest Airlines explained that they are \*\*no longer utilizing the vendor and directing all Pilot applicants to an internal Southwest-managed portal.

[Southwest Airlines](https://cybernews.com/news/southwest-airlines-sued-for-outdated-technology/) and American Airlines also notified relevant law enforcement authorities regarding the breaches and are cooperating with their investigation into the matter.

## Sources

- [RFC 7208 - Sender Policy Framework (SPF)](https://datatracker.ietf.org/doc/html/rfc7208)
- [RFC 7489 - Domain-based Message Authentication, Reporting, and Conformance (DMARC)](https://datatracker.ietf.org/doc/html/rfc7489)

## Topics

[ email security ](/tags/email-security/)[ News ](/tags/news/) 

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead for DMARC Report's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Take control of your DMARC reports

Turn raw XML into actionable dashboards. Start free - no credit card required.

[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/) 

## Related Articles

[  Foundational 4m  5 Mind-Boggling Phishing Attacks in Australia 2023!  Feb 8, 2024 ](/blog/5-mind-boggling-phishing-attacks-in-australia-2023/)[  Foundational 4m  Akira flaunts victims, Idaho targets orthodontist, AI granny protects  Nov 22, 2024 ](/blog/akira-flaunts-victims-idaho-targets-orthodontist-ai-granny-protects/)[  Foundational 4m  Alternatives to DMARCLY's Blog Section for Learning About Email Authentication and DMARC  Nov 6, 2023 ](/blog/alternatives-to-dmarclys-blog-section-for-learning-about-email-authentication-and-dmarc/)[  Foundational 4m  Ambient Light Spying, Cybersecurity Prices Drop, Euro 2024 Threats  Jul 10, 2024 ](/blog/ambient-light-spying-cybersecurity-prices-drop-euro-2024-threats/)

```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity News, AI Email Security: Next-Gen, Manchester Students' Data Leak, Russian APT: Email Server Breach","description":"Cybersecurity News, AI Email Security: Next-Gen, Manchester Students' Data Leak, Russian APT: Email Server Breach from DMARC Report explains practical steps.","url":"https://dmarcreport.com/blog/news-email-security-data-leak-email-breach/","datePublished":"2023-06-28T10:58:27.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2023-06-28T10:58:27.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://dmarcreport.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/news-email-security-data-leak-email-breach/"},"articleSection":"foundational","keywords":"email security, News","wordCount":798,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"Cybersecurity News, AI Email Security: Next-Gen, Manchester Students' Data Leak, Russian APT: Email Server Breach","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"Cybersecurity News, AI Email Security: Next-Gen, Manchester Students' Data Leak, Russian APT: Email Server Breach","item":"https://dmarcreport.com/blog/news-email-security-data-leak-email-breach/"}]}
```