Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
Two Skinners’ Kent Academy schools were closed after a Tunbridge Wells data breach took place, cybercriminals getting access to pupils ‘personal records.
What Happened?
BBC has recently reported that a Tunbridge Wells data breach determined Skinners’ Kent Primary School and Skinners’ Kent Academy to be closed because of a cyber-attack begun last Wednesday that affected both schools, where hackers might have got access to children personal information and records of parents’ bank accounts.
It is not known yet the specific nature of the information hackers have gathered, but it is definitely a ransomware attack, as the stolen data was encrypted.
What Kind of Data Was Stolen?
The schools’ officials stated on the official academy website that the accessed data was from “our school servers” and that the cybercriminals, described by a trust spokeswoman as “sophisticated”, “do not appear to have access to our School Information Management System (SIMS) which is where we hold all our personal records for pupils.” The school has not anymore access to this data, as it was encrypted.
What Measures Have Been Taken?
The academy immediately took the necessary measures, as they could no longer continue their face-to-face activity safely. The 2 schools were closed on Monday the 7th and they are trying to collect again emergency details and medical information of the pupils from parents.
The schools are also in the process of having all their computers reconfigured as teachers need access to educational resources and the network has to be rebuilt. As a temporary solution, the academy implemented remote studying starting Tuesday.
An investigation is being led now by the National Cyber Security Centre (NCSC) and Action Fraud, supported by the trust’s data protection company and the police. Although the nature of the stolen data is not thoroughly confirmed yet, Kentonline stated that Skinners’ Kent representatives advised the parents to contact banks regarding their financial details as a safety measure.
In addition, an external company took control of the new pupils’ data parents will provide through an external link in order to avoid a subsequent Tunbridge Wells data breach. The share of information between school staff will also be limited as non-network computers were made available, mentions the school website.
The trust states on their website that they are putting every effort into having things get back to normal as soon as possible:
Both schools will be closed to students on Monday 7 and SKA will also be closed on Tuesday 8 June to enable us to continue our investigations and ensure we are able to operate safely. Please be assured that we are working as hard and as quickly as possible to be able to re-open and limit the disruption to learning.
Hi! My name is Andra and I am a passionate writer interested in a variety of topics. I am curious about the cybersecurity world and what I want to achieve through what I write is to keep you curious too!
The incident in Tunbridge Wells serves as a reminder for all organizations to prioritize data security, invest in robust cybersecurity measures, and maintain a proactive approach to protect sensitive information. By doing so, we can help safeguard individuals’ privacy and maintain the trust and confidence of those we serve.