Interlock, a ransomware gang, breached the education network of Scotland’s West Lothian Council. The council first said no data had been taken, but after Interlock dumped files online it admitted that “a small percentage” of data was stolen. Personal information on teachers, parents and carers—including scanned passports and driving licences—has appeared on the criminals’ leaks site. Confidential pupil records are held on separate systems and were not found in the published cache. Exam timetables have largely continued, and the council is working with Police Scotland and the Scottish Government while warning families to be alert for scams. The incident adds to a run of ransomware hits on UK public-sector bodies and comes as Westminster weighs a ban on paying ransoms in the public sector.
Ransomware raid hits West Lothian schools – personal data leaked online
Scotland’s West Lothian Council has confirmed that hackers have stolen and published sensitive data after a ransomware attack on its education network.
What happened?
Earlier this month the Interlock ransomware gang claimed to have broken into the council’s school systems. At first officials said there was no sign of data theft, but Interlock has now released gigabytes of files, forcing the council to admit that “a small percentage” of stored information was taken.
Who is affected?
• Teachers, parents and guardians: names, correspondence and even scanned passports and driving licences have appeared on the dark-web leak.
• Pupils: the council says confidential student records sit on separate servers and were not exposed. A quick check by reporters found no pupil data in the online dump.
• Financial and social-care data: council tax, benefits and social-work records remain untouched.
Impact on learning
With Scottish Qualifications Authority exams under way, schools have switched to contingency plans, but lessons and assessments are continuing.
Council response
West Lothian Council is:
1. Working with Police Scotland and the Scottish Government.
2. Emailing every parent and carer with advice on spotting scams, changing passwords and monitoring accounts.
3. Asking families not to phone schools for extra details, as front-line staff know no more than the public statements.
The authority has apologised and promised a full review.
Bigger picture
Local authorities, hospitals and universities have been prime ransomware targets for the past two years. Westminster is consulting on a ban that would stop public bodies paying criminals, alongside mandatory incident reporting. The outcome of that consultation is expected later this year.