Anglesey schools cyberattack: A small island off the coast of Wales, Anglesey does not have many schools, but all five of its secondary schools were reportedly hit by a cyberattack in late June last year.
In the wake of the attack, investigations began to establish whether or not data had been affected and, if so, to what extent. The unknown element of cyberattacks was clearly demonstrated in this incident, with schools left wondering what the complications could be as they scrambled to deal with the assault on their systems.
Unfortunately, cyberattacks have been hitting the education sector with increasing frequency in recent times, calling into question how effectively school cybersecurity can defend against such targeted attacks. Where schools have not done enough to protect personal information, they could be responsible for a breach of data protection law. If you have been affected by an incident like this, you may be eligible to pursue a data protection breach compensation claim.
The Anglesey schools cyberattack – what happened?
In late June of 2021, it was reported that five secondary schools in Anglesey had been affected by a cyberattack. As a result, computer systems, including school email accounts, were put out of action. It was a perfect example of the unknowns that typically follow cyberattacks, as it is not easy to understand how to recover systems right at the beginning. During the downtime, operations can be severely impacted.
According to the North Wales Chronicle, the affected schools included were listed as:
“Ysgol Syr Thomas Jones, Amlwch; Ysgol Uwchradd Bodedern; Ysgol Gyfun Llangefni; Ysgol David Hughes, Menai Bridge and Ysgol Uwchradd Caergybi.”
In response to the cyberattacks, Anglesey Council reportedly stated that they were investigating the possibility that personal information stored on the schools’ systems may have been affected by the hack. Cybersecurity specialists were brought in to consult on the attack soon after it was discovered on Wednesday 23rd June 2021. However, it was predicted that the impact on the schools’ systems may disrupt students’ education temporarily, as efforts to restore the systems were still ongoing.
What did the investigations discover?
The investigation into the Anglesey schools cyberattack reportedly yielded positive preliminary findings. The forensic analysis had not yet raised concerns about potential information exposure as the cybersecurity specialists went about their investigations. That being said, the affected schools were unable to access some affected IT systems as of early July, which showed the extent of the interruption that had been caused.
Rising school cyberattacks and data breach claims
According to the National Cyber Security Centre (NCSC), cyberattacks on the UK education sector have been rising in frequency in recent times, with ransomware becoming particularly prevalent. The NCSC has been assisting in the incidents such as the Anglesey schools cyberattack, helping schools with recovery efforts, but the government organisation is also urging further preventative methods from schools.
Indeed, more work must be done to ensure that the data held by schools is not put at risk. When personal information is exposed in a cyberattack, it can lead to a significant breach of the victims’ privacy and may result in data misuse. Schools have an important responsibility to rise to the demands of growing cyberattacks threats but, where they fail to do so, they may be liable for a data protection breach.
Whether you have been affected by a school, retail, hospital, or local authority data breach, compensation claims can enable you to seek the justice you deserve. As leading experts in data breach claims, we have recovered over £1m in compensation for our clients to date, and we can offer No Win, No Fee representation to eligible claimants if we think you have a claim to make.
Contact us today to receive free, no-obligation advice on your case.