Oxford University said on Thursday it was investigating a digital intrusion after a researcher said he had seen evidence that a laboratory researching COVID-19 had been hacked.

The breach took place in mid-February and occurred at the Division of Structural Biology, known as Strubi, which has been carrying out research into COVID-19, according to Alex Holden, founder of Wisconsin-based Hold Security.

University of Oxford
Radcliffe Camera is pictured on September 20, 2016 in Oxford, England.Carl Court/Getty Images

Forbes first reported the breach. Strubi is distinct from the Jenner Institute, which develops the Oxford COVID-19 vaccine in partnership with AstraZeneca.

Oxford University confirmed there had been a hack and in an emailed statement it said it was investigating.

We have identified and contained the problem and are now investigating further.

"We have identified and contained the problem and are now investigating further. There has been no impact on any clinical research, as this is not conducted in the affected area," an Oxford spokesman said, adding that the university was working with the National Cyber Security Centre (NCSC) on the incident.

It did not name the facility affected. NCSC, the cybersecurity arm of spy agency GCHQ, said in a statement that it was aware of the incident and was "working to fully understand its impact."

Holden told Reuters that he discovered the intrusion when he found screenshots from inside the lab's network left by the hackers on a poorly secured server.

Coronavirus

Holden said the hackers – which his company has been tracking – were Portuguese speakers operating out of South America and that they were criminally motivated, citing references to ransomware and discussions of monetary payouts.

Digital espionage targeting health bodies, vaccine scientists and drugmakers has surged during the COVID-19 pandemic.

In December, U.S. drugmaker Pfizer Inc and its German partner BioNTech SE disclosed that documents related to development of their COVID-19 vaccine had been "unlawfully accessed" in a cyberattack on Europe's medicines regulator.