Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label British cybersecurity. Show all posts
UK Sochool cyber incidents
British cybersecurity Cyber Attacks trending news UK Sochool cyber incidents

UK Schools Trust Hit by Knock-On Effects of Intradev Cyber Breach

 

A cyberattack on Hull-based software developer Intradev is rippling across the UK education sector, with staff at the Affinity Learning Partnership warned their personal details may have been compromised. 

The trust, which runs seven schools and employs more than 650 staff serving around 3,000 pupils, confirmed that employees were notified after the breach came to light through Single Central Record Ltd (OnlineSCR), a service provider managing recruitment and Disclosure and Barring Service (DBS) checks. 

Scope of Exposure 

While some employees are believed to have only minimal details exposed, such as surnames, others face more severe risks. Sensitive information including passport numbers, driving licence details, and National Insurance numbers may have been leaked. 

In a letter to staff, the trust said, “We have written to all staff affected, including those with less data exposure, and included a list of precautionary steps. However, there is the potential that the impact on you could be more significant and we have been made aware of some additional support options.” 

The Information Commissioner’s Office (ICO) has advised that replacing passports or driving licences may not be immediately necessary. Still, legal experts warn the nature of the stolen data could leave individuals exposed to identity fraud. 

How the Breach Happened 

Intradev, which designs bespoke software for clients, discovered a digital intrusion on August 4. One of its customers, Access Personal Checking Services (APCS), a provider of criminal record checks alerted clients soon after. 

OnlineSCR, APCS’s sister company, was also affected due to its reliance on Intradev’s systems. With OnlineSCR acting as a repository of highly sensitive school workforce data, the fallout has been significant for trusts such as Affinity Learning Partnership. 

A legal briefing from Browne Jackson LLP noted that the compromised data varied between schools but could include addresses, Qualified Teacher Status (QTS) numbers, and other identification details. 

Support Measures 

To protect staff, Affinity is offering two years of CIFAS protective registration. The service ensures additional identity verification checks are carried out if fraudsters attempt to use stolen details to open accounts or apply for credit. 

Wider Implications 

The incident underscores the growing cybersecurity vulnerabilities of UK schools, which often hold valuable personal data but operate with limited IT security budgets. It also highlights how breaches at third-party providers can have far-reaching consequences for institutions that may otherwise have strong protections in place. As Intradev continues its investigation into the compromised files and systems, education trusts across the country are being reminded of the risks inherent in outsourcing critical services to external technology partners.
Read more »
Subscribe to: Posts (Atom)