#1254757: Pupils' data 'at risk' in hack attack on Kings Norton Girls' School
The personal data of almost 1,000 girls and their families is at risk after a hacking attack on a Birmingham school.
Parents with children at Kings Norton Girls' School were told there was an "extremely small but potential breach of personal data relating to you and your child".
The letter followed what the school called a "significant" cyber-attack on its systems last Wednesday, April 10.
The school, in Selly Oak Road, Kings Norton , sent two letters to parents before the school broke up for Easter informing parents of the breach.
A letter dated Friday, April 12, written by business manager and data protection officer Clare Skinner said: "There is currently no evidence to show that the personal data held on students or parents has been corrupted or breached.
"At this point in time we can't be 100 per cent sure of this."
The letter warned parents of an "extremely small but potential breach of personal data relating to you and your child".
The school said malicious software was deployed throughout the school's IT networks in the cyber-attack and may have resulted in the unauthorised access to personal data held on the school's systems.
The letter went on to assure parents that ParentPay - a scheme whereby families can make online payments for purchases including school dinners - was "completely secure" and no information had been breached.
BirminghamLive contacted Kings Norton Girls School but the school was unavailable for comment.
The letter in full
"As we begin the Easter holiday and following on from the letter which i sent home yesterday I wanted to update you on the cyber-attack we suffered early on Wednesday morning.
"The attack on our systems was significant but there is currently no evidence to show the personal data held on students or parents has been corrupted or breached. At this point in time however we can't be 100 per cent certain of this.
"I am therefore writing to inform you that there is an extremely small but potential breach of personal data relating to you and your child. Ransomware was deployed throughout the school's It networks and may have resulted in the unauthorised access to personal data held on the school's systems.
"I would like to assure you that ParentPay is completely secure, no information has been breached.
"You will be aware, from previous communication, that the school has informed the relevant authorities of this crime and are working with them and other experts to resolve the situation.
"Our Network team are working hard to reinstate the network for all students. The incident has also been reported to the Information Commissioner's Office.
"Please accept my apologies that this potential breach has occured. KNGS takes cyber safety extremely seriously and has polices and procedures in place to minimise the impact of attempted attacks. We will be reviewing those practices to establish if we can further reduce the risk of this recurring in the future.
"Should you have any queries related to this then please do not hesitate to contact me at the school on 0121 675 8108.
"Yours sincerely Clare Skinner
"Business manager and data protection officer."
|Date added||April 16, 2019, 7:43 a.m.|