Today, Powys County Council revealed a cyber security incident took personal data of pupils, staff and others connected to one school, with 13 schools impacted by the wider incident.
Due to the sensitive nature of the breach, in which attackers gained unauthorised access to personal data, the council has not revealed which schools fell victim to the attack, but confirmed all those affected were being contacted directly.
The attack was initially identified in April this year and “quickly contained”, with immediate action taken to secure systems and limit further impact.
Cllr Raiff Devlin, Cabinet Member for Customers, Digital and Community Services and Cllr James Gibson-Watt, Cabinet Member for a Learning Powys, said: “We understand that this incident will be very concerning for parents, staff and the wider community.
“We want to reassure people that immediate action was taken to secure systems, and a full investigation is underway with specialist support.
“We are contacting affected individuals directly where necessary and providing advice on steps they can take to protect themselves.
Work is ongoing to fully understand the scope of the incident and identify all those affected, with specialist experts and partners supporting the detailed investigation.
Despite the attack, all schools remain open and operational, with no evidence of disruption to educational provision caused by the incident.
The cause of the incident is not yet known, and the full cost and implications of the attack have not been disclosed.
The council added that it was reviewing its system’s security and making any improvements necessary to prevent further data security breaches.
Comments
This article has no comments yet. Be the first to leave a comment.