In recent developments, UK nurseries faced a cyberattack last month in which children’s data was published online by hackers. This incident highlights ongoing cybersecurity concerns in the education sector, which has been increasingly targeted by cybercriminals. According to a UK government survey, educational institutions are more susceptible to cyber-attacks than private businesses. The survey found that 60% of secondary schools experienced an attack or breach in the past year, with the figures rising to 80% for further education colleges and 90% for higher education institutions. In contrast, only 40% of businesses reported similar breaches.
Toby Lewis, the global head of threat analysis at cybersecurity firm Darktrace, stated that the education sector does not seem to be specifically targeted but rather caught in the broader landscape of cybercrime. The nursery chain Kido was reportedly compromised after access was sold to the hacker group Radiant by an initial access broker, a common practice in cybercrime.
The government’s cyber security breaches survey involved nearly 300 secondary and primary schools, and more than 30 higher education institutions, defining a cyber-attack as an attempt to breach IT systems, which includes phishing attacks. Phishing emails emerged as the most prevalent type of attack against universities and schools. Ransomware attacks, which encrypt systems and demand payments, have also gained notoriety in the UK, with incidents affecting several educational institutions, including West Lothian Council and various universities.
Lewis noted that budget constraints and lack of expertise could make state schools more vulnerable, while the transient nature of university students may complicate cybersecurity measures. The education sector has shown heightened awareness of government initiatives aimed at preventing cybercrime compared to other sectors.
The Department for Education emphasized its commitment to cybersecurity through dedicated support services and training for schools. Recent proposals may also impose bans on ransomware payments for schools, NHS, and local councils, indicating continued efforts to mitigate these risks. Despite these measures, cyberattacks in the education sector persist.
Source: https://www.theguardian.com/technology/2025/oct/05/uk-secondary-schools-suffered-cyber-attack-or-breach-in-past-year