• Home
  • Exclusive: More than 700 school data breaches in a year

Exclusive: More than 700 school data breaches in a year

Schools risk ‘extensive reputational damage’ if personal data of parents or pupils is compromised, accountants warn 
21st November 2018, 5:02am
Article gift icon

Share

Exclusive: More than 700 school data breaches in a year

https://www.tes.com/magazine/archive/exclusive-more-700-school-data-breaches-year
Thumbnail

The number of data breaches reported by schools increased by almost a quarter in just two years, new research shows.

Schools in the UK reported 703 data breaches to the Information Commissioner’s Office (ICO) in 2016-17, compared with 571 in 2014-15.

A freedom of information request by accountancy network UHY Hacker Young showed that 674 were reported in 2015-16.

The news comes after a school business managers’ leader last year warned that funding pressures on schools were making them more vulnerable to cyber-attacks.

And earlier this year, the Charity Commission warned private schools that fraudsters were trying to intercept fee payments from parents using emails.  

Allan Hickie, partner at UHY Hacker Young, warned that cyber-attacks can cause schools “extensive reputational damage, especially if the personal data of children and parents is compromised”.

He added: “As almost all data is now stored electronically, safeguards must be put in place to ensure that schools’ sensitive data is kept secure.

Guarding against cyber attacks

“Parents must be reassured that the information held on their children, and their own financial data, is kept safe.

“Many private and independent schools are attractive to fraudsters, as school fees that they are attempting to redirect are often of high value. It is vital that schools have strong data security in place.”

His organisation warned that schools are now at a serious risk of large fines from the ICO if they fail to report data breaches, following the introduction of GDPR in May 2018.

The regulations make it compulsory for all organisations to report any data breach where there is a risk to people’s data security, including incidents where no information is actually lost or stolen.

However, UHY said that the ICO is unlikely to levy large fines on smaller schools and academies where data on pupils has not been put at risk.

The Department for Education said that all organisations, including schools and colleges, should have good basic cyber-security measures in place.

It pointed to the government's Cyber Essentials scheme, which aims to protect against common vulnerabilities which are widely reported online.

Want to keep reading for free?

Register with Tes and you can read two free articles every month plus you'll have access to our range of award-winning newsletters.

Register Log in

Keep reading for just £1 per month

You've reached your limit of free articles this month. Subscribe for £1 per month for three months and get:

  • Unlimited access to all Tes magazine content
  • Exclusive subscriber-only stories
  • Award-winning email newsletters
Subscribe now
Article gift icon

Share

Exclusive: More than 700 school data breaches in a year

https://www.tes.com/magazine/archive/exclusive-more-700-school-data-breaches-year

Read more

Recent
Most read
Most shared
Sunset Song removed from SQA’s Scottish set text list
News
27 November 2024
The ‘belonging’ converts are puzzling, but welcome
Analysis
27 November 2024
How much prescription over how lessons are taught is too much?
Teaching & Learning
27 November 2024
Teacher pay scales 2024-25: what will your salary look like?
Analysis
29 July 2024
IB plans digital exams for Diploma Programme from 2026
Analysis
22 November 2024
Why heads should have one-to-ones with every teacher
Leadership
25 November 2024
Dangerous staff ratios are putting EYFS children at risk
Teaching & Learning
26 November 2024
Ombudsman wants to close SEND ‘accountability gap’ in schools
News
22 November 2024
3 reasons why schools miss out on great leaders
Analysis
26 November 2024