Update on cyber attack
Last updated: Tuesday 20 February 2024
THE MISBOURNE UPDATES SCHOOL COMMUNITY ON CYBER ATTACK
The Misbourne is reaching out to past and present members of the school community who may have been affected by the criminal cyber attack that happened at the end of last month.
Ever since the ransomware attack, the academy in Misbourne Drive, Great Missenden, has been working closely with the National Cyber Security Centre, the Information Commissioner’s Office, the police and other specialists. It has been established that a limited amount of personal data relating to the period 2005 to the end of January 2024 has been stolen.
The academy is contacting its current staff, families and students where their data is affected, with a description of the data that has been stolen and advice about how to protect their security online; and will be attempting to reach other affected people where possible to contact them directly.
Any former staff or students, or anyone else who was connected to The Misbourne during the period 2005-January 2024, who wish to know if they have been affected by the cyber attack, should contact its designated email address: cyberresponse@themisbourne.co.uk
Headteacher, Mr Rich Peters, said: “This was an upsetting situation that we take extremely seriously, and we are enormously grateful for the expert help and advice we have had from the authorities.
“I would also like to thank the community again for its support and patience during this challenging time – it is greatly appreciated.”
Academy response to cyber attack
Our systems had the necessary preventative security protocols in place at the time of the incident but unfortunately, as a number of public sector organisations have recently experienced, the criminal attack was sophisticated, and access was achieved, with data being stolen from our server.
As soon as we became aware of the attack, measures were put in place to contain and remove the malicious software and restore our systems. The forensic analysis of our network is conducted by third-party cyber security specialists who are investigating the circumstances and impact of the incident.
This page contains guidance for our staff, students and families and is being reviewed and updated on a regular basis.
Online security
While there is no evidence that passwords have been stolen, in line with good security practice, our school community and anyone with a link to The Misbourne are advised to change their passwords for any online accounts they may have, for example relating to emails, apps and websites. Please also be particularly vigilant for suspicious-looking or unsolicited emails or other activity. Families are asked to support their child to update their passwords on their personal devices.
Letters to families
Cyber attack update letter 19.02.24
Cyber attack update letter 9.2.24
National Cyber Security Centre guidance
Phishing attacks - dealing with suspicious emails
Cyber Aware - advice on how to stay secure online
Data Breaches - guidance for individuals and families
Information for our community
Student wellbeing
We understand the concern created for those directly affected and support is available to these individuals and all our students. Students can find wellbeing support on our website and we also encourage students to speak to their form tutor or Year Group Performance Director if they are worried about anything in particular.
Staff wellbeing
Please speak to your line manager if you are worried.
You can also find support through our Employee Assistance Programme with Worknest, available 24 hours a day, 7 days a week. The contact details are in the staff handbook on our staff portal.
What activities are underway to limit the extent of the compromise?
For security reasons, we are unable to share details of the activities undertaken but we have made significant progress in both containment and building resilience in our systems.
We are continuing to work closely with the National Cyber Security Centre, National Crime Agency, the South East Regional Organised Crime Unit and specialist external partners. This includes supporting the national effort to counter cybercrime.
Has your email system been compromised such that we may receive phishing emails from The Misbourne email addresses?
We have no evidence that our email system has been compromised. But, of course, we all need to take precautions around potential phishing emails.
For more information, please see the National Cyber Security Centre's guidance on phishing.
Can I check if my details have appeared in any other public data breaches?
To check if your details have appeared in any other public data breaches, there are a number of online tools that you can use, such as https://haveibeenpwned.com. Similar services are often included in antivirus or password manager tools that you may already be using.
How do I protect myself against identity fraud?
If you are concerned that you may be at risk of identity fraud, you may be interested in applying for protective registration. Please follow this link for more information: www.cifas.org.uk
Can we talk to someone to discuss our concerns?
We are prioritising liaison with individuals and organisations where the disruption has had a direct impact. Unfortunately, due to the numbers involved, we are unable to hold detailed conversations about the cyber incident with all our partners where there is no reason to suspect there has been a direct impact.
Please be assured that we are carrying out comprehensive checks and improvements to ensure our systems are as secure as they can be.
If you have further queries, please email us and we will triage your request. We ask that you please continue to be patient as it may take some time to respond.
Communication
We understand that our colleagues, students and families are rightly concerned about this current incident and we want to reassure you that we are trying to answer as many of your questions as quickly as possible.
This is a live incident and, consequently, advice and guidance around the incident is changing very quickly. For that reason, and to prioritise our effort on resolving the issue itself as soon as possible, we are unable to answer every individual query.
We are committed however to grouping questions into themes and topics and will continue to update that information on this site on an ongoing basis. Please do check this web page and the families' bulletin for regular cyber incident updates.
Data accessed / services affected
Our ongoing cyber investigations continue to explore where data and individuals have been impacted, and we are communicating with all those affected in the most appropriate way, offering them advice and support.
Cyber security - a guide for small businesses
How to improve your cyber security; affordable, practical advice for businesses