The 25-year-old man was arrested on suspicion of Computer Misuse Act (CMA) and fraud offences on Monday following the breach of Lancaster University systems, a spokesman for the National Crime Agency (NCA) said.
Records and ID documents of some students were accessed in the phishing attack and fraudulent invoices were sent to undergraduate applicants.
A spokesman for the NCA said: “Officers from the NCA’s National Cyber Crime Unit (NCCU) arrested the man on Monday and he has since been released under investigation while enquiries are ongoing.”
In a statement, the university said it became aware of the breach on Friday and set up an incident team to deal with the situation.
It said: “Lancaster University has been subject to a sophisticated and malicious phishing attack which has resulted in breaches of student and applicant data.”
Data from undergraduate applicants for 2019 and 2020, including their names, addresses, telephone numbers and email addresses, was accessed and fake invoices sent to some potential students.
The student records system was also breached in the attack and the university contacted a “very small number” of students who had record and ID documents accessed.