Following cyber-attacks in 2022, fourteen UK schools became the victim of a serious leak of confidential data.

Students' SEN information, passport scans, and staff pay scales and contract details were among the information leaked. This information became public after the attacked school refused to pay the ransom demands.

The cyber-attacks and subsequent leaks are thought to have been carried out by the threat actor Vice Society, which has carried out numerous ransomware and extortion campaigns against educational institutions in the UK and US.

The schools impacted by the leaks are: Carmel College, St Helens; Durham Johnston Comprehensive School; Frances King School of English, London/Dublin; Gateway College, Hamilton, Leicester; Holy Family RC + CE College, Heywood; Lampton School, Hounslow, London; Mossbourne Federation, London; Pilton Community College, Barnstaple; Samuel Ryder Academy, St Albans; School of Oriental and African Studies, London; St Paul's Catholic College, Sunbury-on-Thames; Test Valley School, Stockbridge; The De Montford School, Evesham.

Many of these schools have informed parents, pupils & staff about the incident.

Cyber-attacks and ransomware disproportionately affect the education sector. According to a Sophos report published in July 2022, 56% of lower education institutions and 64% of higher education bodies were hit by ransomware in the previous year.

To protect yourself from a data leak, it's essential to:

• Keep your software and operating system up to date: Cybercriminals commonly exploit vulnerabilities to gain access to sensitive information. Keeping your software and operating system up to date with the latest security patches can help protect you from these exploits.
• Use a password manager: Strong, unique passwords are a critical line of defence against cyberattacks, but remembering them can be difficult. A password manager can help you generate and store strong, unique passwords for your online accounts.
• Use Two-Factor Authentication: Whenever possible, enable two-factor authentication (2FA) for your online accounts. This will require anyone trying to log in to your account to provide your password and a second form of identification, such as a fingerprint or a code sent to your phone, making it much more difficult for hackers to access your accounts.
• Be cautious with emails and attachments: Data leaks often occur when cybercriminals trick people into opening malicious attachments or clicking on malicious links in emails. Be cautious of unsolicited emails and attachments, and never open an attachment or click on a link from an untrusted sender.
• Use a Virtual Private Network (VPN) when connecting to public Wi-Fi: Public Wi-Fi networks are often unsecured, making it easy for cybercriminals to intercept your internet traffic and steal sensitive information. A VPN encrypts your internet traffic, making it much more difficult for cybercriminals to intercept your data.

Reporting

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).