The attack also affected the Kimberley college for 16-19 year olds, with both members of the Wootton Academy Trust. The attack was said to be the work of the Hive ransomware group.
The cybercriminals messaged parents
and students to inform them of the compromise. Bank details, medical records, home addresses and psychological reviews were stolen in the attack.
On Tuesday, the Trust updated students and parents by saying that the disruption to its operations was limited due to the upcoming summer school holidays. The attack has, however, affected the production of some grade sheets along with scheduling for next year. They hope that backups will allow them to retrieve some data. Normal operations are expected to return within 10 days.
The Hive group believes that Wooton has £500,000 in cyber insurance, according to Bedford Today, a local newspaper. It has threatened the Trust with the release of all data unless they pay up.
The trust said, “we understand there may be concerns about whether any pupil/student data has been impacted. While we don’t have firm answers to these questions at the moment, this is our number one priority of the ongoing investigations.”
Global cybersecurity advisor at ESET and former head of digital forensics at Dorset Police, Jake Moore, warned that the potential release of stolen data could pose a big problem for the Trust, even though the timing minimised disruption for the school.
Moore suggested that the damage could last for years. He added that local authorities often lack the funds to pay the desired ransoms, suggesting that this may not have been a targeted attack, rather it may have just been an attack caught up in a broader sweep of vulnerable systems.