Cyberattack forces British high school to close

A cyberattack has forced a British high school to remain closed following the Christmas holidays.

Higham Lane School in Nuneaton, a town in central England, has told its roughly 1,500 students they won’t be able to attend classes until at least Wednesday due to the incident.

In an email to parents and carers, the school said the cyberattack “has taken down the school IT system,” leaving staff without access “to any digital services including telephones / emails / servers and the school’s management system.”

Headteacher Michael Gannon said the school aims to reopen on Wednesday, “however until we fully understand the scope of the work required I am unable to confirm this opening date at present.”

It requested students not attempt to log into any school systems until further notice.

A spokesperson for Central England Academy Trust, which runs Higham Lane School as well as five other schools in the town, confirmed they were “managing a cyber security incident that has affected access to parts of the school’s IT systems.”

They said the school has implemented incident response protocols and brought in independent cybersecurity specialists to investigate, as well as notified the relevant authorities such as the Information Commissioner’s Office (ICO).

The nature of the incident hasn’t been confirmed. It follows more than 80 ransomware attacks against the education and childcare sector reported to the ICO in 2024.

A series of schools were forced to close that year, including the Charles Darwin School in London, Wymondham College, the largest state boarding school in the country, and Tanbridge House School in West Sussex, with cyber extortionists threatening to release stolen data unless a ransom fee was paid.

It is not clear if any data has been exfiltrated in the Higham Lane incident. The spokesperson said an update would be provided to families tomorrow and claimed it “would be inappropriate to speculate further at this time.”

“The school takes the privacy and security of its community seriously and is taking all reasonable steps to manage the incident and restore systems safely and as quickly as possible,” they added. “As this matter remains under investigation, no further comment can be made at this time.”