Cyber Incident Victim: Guildford County School

On January 19, 2023, Guildford County School in Surrey, UK, detected a cyber-intrusion affecting its IT systems, phone lines, and communication platforms. The incident disrupted ParentMail services and Microsoft Teams functionality, forcing the school to publicly announce the outage via its website and Twitter account. Headteacher Steve Smith confirmed the school remained operational for its 1,000+ students, with staff continuing lessons using alternative methods. Initial statements from the Learning Partners Academy Trust, which oversees the school, described immediate remedial actions to limit data loss and engagement with professional cybersecurity responders. By January 26, the ransomware group Vice Society claimed responsibility, publishing hundreds of stolen files on its leak site. Filenames indicated compromised safeguarding reports—confidential documents detailing vulnerabilities of at-risk students. The school had not confirmed whether it notified affected individuals about this data exposure at the time of reporting.

The school activated its backup systems and collaborated with the UK Information Commissioner’s Office (ICO) to address regulatory obligations. A Trust spokesperson reported "excellent progress" toward full system restoration but provided no timeline for resolution. Phone services remained nonfunctional a week post-incident. Vice Society, known for targeting educational institutions globally, previously leaked data from 14 UK schools without victim notification. The National Cyber Security Centre (NCSC) had issued warnings about rising ransomware attacks against UK schools since June 2021, noting improved preparedness despite persistent threats. Guildford County School’s incident reflected broader patterns of criminals exploiting sensitive student data for extortion while institutions maintained operational continuity during recovery efforts.