Friday May 23rd 2025
Photo credit Unsplash Mikhail Fesenko.
Written by Local Democracy Reporter, Stuart Sommerville
A senior SNP councillor has acknowledged that people “will obviously be worried” by the latest revelations about the data theft from West Lothian’s schools.
But as the council confirmed personal and sensitive information is among the data stolen the depute group leader of the council’s opposition group moved to reassure parents.
Parents and carers have been sent letters advising them to take extra precautions and a live investigation remains ongoing.
The council stressed that no financial details or confidential pupil records had been taken by the hackers.
Councillor Pauline Stafford told the Local Democracy Reporting Service: “People will obviously feel worried that ongoing investigations have confirmed that a small percentage of the overall data stored on the council’s education network has been stolen.
“The council and partners are working at pace to confirm the exact data which has been taken but is reassuring parents that the majority of systems used by schools to interact with parents and carers are unaffected and risk assessments have been carried out with appropriate action taken.”
The council said: “It has now been confirmed that a small percentage of the overall data stored on the education network has been stolen. We are aware that some personal or sensitive data is among the information stolen by criminals.
“We would like to offer our sincere apologies to anyone potentially affected by this criminal cyberattack.”
Councillor Stafford told the LDRS: “I would like to thank all council staff dealing with this attack.
“A special thanks must go to our education staff who have worked incredibly hard to ensure the impact on our children and young people, especially those sitting exams, has been minimal.
“As per the advice from both the council and Police Scotland people should be extra vigilant against possible phishing attacks and scams and seek advice if they are concerned.”
Parents have been asked not to contact their school or our customer contact centre regarding the cyberattack, as they do not have any more details than this at this stage.
The council spokesperson added: “We are aware that some personal or sensitive data is among the information stolen by criminals.
“Risk assessment has been carried out on any potential child protection issues at each of the schools affected, and appropriate action already taken if required. We would like to offer our sincere apologies to anyone potentially affected by this criminal cyberattack.”
The education network remains removed from the rest of the council’s networks, and there has been a significant amount of work undertaken by staff to ensure that disruption to education, including SQA exams, has been minimal.
Contingency arrangements for schools will continue until the end of the current school term.
The education network remains removed from the rest of the council’s networks, and there has been a significant amount of work undertaken by staff to ensure that disruption to education, including SQA exams, has been minimal.
There is no evidence that the council’s corporate and public access networks have been affected. All information held elsewhere in the council remains safe and secure, with extra measures in place to protect our networks.
There is no evidence that any of the data held by the council or partners listed is affected by this breach. This includes:-
Confidential pupil records, which are securely stored on the SEEMIS system;
– Pupil information held on the GLOW network;
– Financial data and bank details for payments made to schools through the iPayimpact system;
– Social work records, which are part of the MOSAIC system;
– Corporate data, such as council tax information, customer service enquiries, housing information or any other data held by council services out with education.
The BBC reported that a group called Interlock has claimed it is behind the attack.
Such groups operate by using malicious software to encrypt an organisation’s files, then demand a payment with a threat to publish the material online if no ransom is paid.
Tweet Share on Facebook
