The NCSC recently issued an advisory on password spray attacks. The attacks are aimed at health care organisations involved in the coronavirus response, including research. The University is a potential target.
In password spray attacks, attackers use a few easy to guess passwords and try them against multiple accounts. Attacking in this way does not lock out accounts and the attacks are difficult to detect.
The best defence against these attacks is to use strong, difficult to guess passwords. You should make sure these are long (at least 12 characters, but 16 characters or more is much better). You can easily create a memorable password if you use three unrelated words to form the basis of your password and add numbers and other characters if necessary. There is some useful advice passwords provided by the NCSC.