Cyberattack on the Faculty of Psychology / Information on Data Protection

Updated on 1 October 2025
Between August 27, 2025 and August 28, 2025, the Faculty of Psychology was targeted by a cyberattack. Unknown attackers gained access to the faculty’s file servers and data was downloaded from these servers. It is not possible to identify in detail which specific data was downloaded. The affected servers contained data related to research, studies, and administrative operations of the Faculty of Psychology.

Despite the high standards of data protection and anonymization applied to our data, it cannot be ruled out that personal data of research participants, students, or from expert reports may also have been affected. If personal data was exfiltrated, this could potentially lead to negative consequences for the individuals concerned.

According to current knowledge, negative consequences for affected individuals are not expected or are considered rather unlikely.

However, in specific individual cases, adverse effects cannot be completely ruled out. This applies if attackers indeed downloaded personal data that can be clearly assigned to an individual, and if that data could potentially cause harm and the attackers have an interest in misusing this information, for example for publication or extortion attempts.

The following table presents the data categories and possible consequences:

Immediately after the discovery of the attack, TU Dresden implemented effective technical and organizational measures to stop the unauthorized access and prevent any further spread. After the above-mentioned period, the attackers demonstrably no longer had access to data on the affected systems.

TU Dresden immediately put in place further extensive security measures to minimize the future risk of data leaks due to cyberattacks.

Study participants and students can contact the following addresses if they have any questions:

Faculty of Psychology 

Data Protection Officer of TU Dresden, Jens Syckor: