Data of Hereford school's pupils posted on darkweb

The personal information of children got leaked online after Vice Society’s cyberattack on a Hereford secondary school.

The Bishop of Hereford's Bluecoat School in the Tupsley district of Hereford, England, suffered a data breach back in October, when threat actors attacked the institution’s systems. However, at the time, the school reassured that the personal information of students and staff was safe.

Yet now, the school, which has around 1000 students, informed parents that cybercriminals released full names, addresses, unique pupil numbers, dates of birth, gender, ethnicity, additional special educational needs information, multi-agency safeguarding hub reports, and police incident reports of pupils on the darkweb.

During the initial attack on October 9, unusual activity was detected on the school’s networks, with the remote access and the file system being immediately disconnected as a mitigation tactic,

On October 10, the Bishop of Hereford's Bluecoat School was informed by the Vice Society hacking group that their files had been encrypted.

The police did not immediately take any action, as they didn’t believe any data was breached. But on October 31, the school was informed by a third-party company that their details ended up on the darkweb.

"As a school, this is a deeply concerning and distressing time for us in that personal and confidential information has been breached and published in this way," headteacher Mr. Henton said, adding: “Unfortunately, it is not possible to ascertain exactly how much of the data has been copied or shared and in that respect the breach is currently uncontained.”

Mr. Henton encouraged parents and students to remain vigilant and stay alert for suspicious activity given “the sensitivity of some of the information that has been published.” The school is currently cooperating with law enforcement and IT experts to review its systems.

Vice Society is a threat group that has been actively targeting the education sector. It operates by exploiting publicly known vulnerabilities. Previously, it stole and leaked the information obtained from the Los Angeles Unified School District (LAUSD) in a similar campaign.