Warning to parents after cyber criminals attack school website

Parents have been advised to be cautious of any emails containing personal information

A secondary school in Bristol has warned parents of a potential data breach after its IT system was hacked by cyber criminals.

Blaise High School in Henbury has urged parents to be cautious of any emails they are sent containing personal information, following the attack earlier this month.

Headteacher Katherine Brown said the attack had "resulted in a virus encrypting data stored on the school servers".

In a letter to parents, dated May 11, she said: "A small increase in internet traffic was seen at the time of the attack, which could mean some data has been extracted.

"There is the potential for any information held by the school to have been affected by this.

"As we cannot be sure no data has been breached, we have determined that there is a potential risk to individuals and therefore are communicating to all parents, students and staff."

The academy, formerly known as Henbury School, teaches more than 730 pupils.

Ms Brown said the attack has been reported to Action Fraud, which is the national reporting centre for fraud and cyber crime.

She informed parents the school's IT systems are being re-built and installed onto new servers, and that a temporary system has ensured pupils can still have access to the necessary home learning materials.

Her letter continued: "The entry point used by the criminals to access the school has been located and re-configured and all passwords for critical systems have been changed.

"We recommend you do not respond to calls and emails from someone you don’t know, especially if they provide personal information about you and your family."

BristolLive has approached the school and Action Fraud for further information and an update on the investigation.

According to a TechRadar report, more than 300 cyber attacks had been reported by UK schools between January and October 2019, compared to 124 in 2018.

A separate investigation of more than 430 UK schools in September, carried out by the National Cyber Security Centre (NCSC), found that less than half were confident they would be adequately prepared in the event of a cyber attack.

Want Bristol news straight to your inbox?

Sign up to our daily newsletter using the box at the top of this article, read all about what's involved here, or click here to see all of our newsletters

'Increasing number of schools impacted'

Due to the school closures caused by coronavirus, schools are relying on their online systems now more than ever to communicate with pupils and parents.

The NCSC has issued guidance to schools, advising on how to protect their online systems and staff when working from home.

It states: "An increasing number of schools and colleges are being seriously impacted by cyber incidents - perhaps a phishing attempt to steal money and passwords, or a ransomware attack that encrypts files preventing access.

"Schools hold plenty of sensitive information. For example, staff and parents’ bank details, medical information about students, safeguarding records. All this has to be kept safe and confidential."