CONFIDENTIAL details about youngsters have been leaked onto the so-called dark web after a Hereford school's data security was breached by computer hackers.

The Bishop of Hereford's Bluecoat School in Hampton Dene Road is now assuring parents that it is dealing with the incident appropriately.

The full names and addresses of pupils have been posted on the dark web – a hidden section of the internet where criminals can communicate anonymously.

The school said in October that cyber criminals had attacked the school's systems, but "there was no threat to the personal information of students and staff".

But the headteacher of the Hampton Dene Road school, which has about 1,000 pupils, has now told parents that personal information, including names, ages, addresses and special educational needs information has been leaked.


The data breach has now seen students' information shared on the dark web, a hidden network usually used by criminals who can remain anonymous.

In a letter to parents on Monday (November 7), Mr Henton said the breach happened on October 9 and the IT manager immediately disconnected the remote access and the file system.

The next day, servers were disabled by a hacking group called Vice Society, which said it had encrypted the school’s electronic files.

The school's IT manager then disconnected the internet so that no traffic could access the school network for three days while investigations were ongoing.

Want to get the latest breaking news alerts sent straight to you? It's easy, just sign up for our breaking news email alerts here and the most important stories will be delivered straight to your inbox.

The police were also contacted to notify them of the criminal activity, but no action was taken as it was believed that no data had been breached.

But on October 31, an "alleged third party company" got in touch to say the school’s data had been published on the ‘dark web’.

After further probing, headteacher Mr Henton said the full names and addresses of students had been posted online, along with their unique pupil number, date of birth, gender, ethnicity, additional special educational needs information, multi-agency safeguarding hub reports and police incident reports

"As a school, this is a deeply concerning and distressing time for us in that personal and confidential information has been breached and published in this way," Mr Henton said.


He said it was impossible to know exactly how much of the data has been copied or shared as the breach is currently uncontained.

"Given the sensitivity of some of the information that has been published, I am writing to inform you and ask that you remain vigilant in the event you encounter any unusual or suspicious activity," he told parents.

He said that if any of the data published contains security information such as usernames or passwords, the school will be in touch with those parents directly.

The school has also appointed a specialist data protection officer.