Reading:
School cyberattacks and data protection
Share:
Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
School cyberattacks represent some of the most significant threats to data privacy in the UK, primarily because of the sensitivity of the information that school systems hold.
While cybersecurity procedures will hopefully be followed well by most staff, the effects can be dangerous when a cyberattack exposes children, parent, or staff information.
Teachers and schools have an important duty of care for their pupils and are often privy to confidential information to allow them to protect children and provide tailored educational plans. This means that a lot of private information falls under their protection, whether this is provided by children and families, or shared with them by social services.
A 2020 government report on the cybersecurity of educational institutions reportedly found that 41% of surveyed primary schools and 76% of secondary schools had identified breaches and attacks over the course of 2019.
The cyberattacks came through several different routes, including viruses, spyware, malware, and online and email impersonations of staff/ organisations.
The most prevalent form of attack was “fraudulent emails or being directed to fraudulent websites”, a phenomenon more commonly known as phishing. While the study only covered a small number of schools, these examples sum up the kinds of cybersecurity breaches that can threaten educational establishments.
A recent cyberattack at a secondary school in Sandwich forced school management to warn parents of the potential risks of identity theft.
Several of the school’s servers were subjected to a ransomware attack, in which personal details including names, addresses, dates of birth, and phone numbers were exposed. Fortunately, no immediate financial risk was involved, as parents’ bank account details were stored on a separate system. In this case, firewalls and antivirus protection appear to have been no hindrance to the cybercriminal(s).
It also appears that the coronavirus pandemic has had an impact on cybersecurity in schools. With the majority of pupils learning remotely via their own devices, or ones provided by their schools, more education is being conducted over the internet which means that there can be more points of entry for cyberattacks. The National Cyber Security Centre confirmed that attacks were becoming more frequent in September, noting an increase in targeted ransomware attacks affecting the education sector.
With school cyberattacks on the rise, it is more important than ever that schools are upholding their own data protection responsibilities to tackle external threats.
Schools must ensure there are no vulnerabilities, whether these are in weak software or hardware, or in the practices of staff. Failing to do so could mean that they are liable for damage arising from cyberattacks where they are in breach of the GDPR.
If you believe that a school or staff member is accountable for a cyberattack or data breach, you may be able to claim compensation. The GDPR is there to make sure organisations and individuals are held accountable for failing to protect data, and the Data Leak Lawyers are here to guide and advise clients on their potential claims.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
