Following cyber-attacks in 2022, fourteen UK schools became the victim of a serious leak of confidential data.
Students' SEN information, passport scans, and staff pay scales and contract details were among the information leaked. This information became public after the attacked school refused to pay the ransom demands.
The cyber-attacks and subsequent leaks are thought to have been carried out by the threat actor Vice Society, which has carried out numerous ransomware and extortion campaigns against educational institutions in the UK and US.
The schools impacted by the leaks are: Carmel College, St Helens; Durham Johnston Comprehensive School; Frances King School of English, London/Dublin; Gateway College, Hamilton, Leicester; Holy Family RC + CE College, Heywood; Lampton School, Hounslow, London; Mossbourne Federation, London; Pilton Community College, Barnstaple; Samuel Ryder Academy, St Albans; School of Oriental and African Studies, London; St Paul's Catholic College, Sunbury-on-Thames; Test Valley School, Stockbridge; The De Montford School, Evesham.
Many of these schools have informed parents, pupils & staff about the incident.
Cyber-attacks and ransomware disproportionately affect the education sector. According to a Sophos report published in July 2022, 56% of lower education institutions and 64% of higher education bodies were hit by ransomware in the previous year.
To protect yourself from a data leak, it's essential to:
Reporting
Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).
Click to Open Code Editor