THE worst case scenario is being presented to families affected by the hacking and ransomware attack on school websites that held data on their children.

Matthew Parr-Burman, executive headteacher at the Isle of Wight Education Federation schools, has written to parents with the latest update and offered police advice on improving cyber security

It comes after six schools were affected — Medina College, Carisbrooke College, the Island VI Form, Barton Primary, Hunnyhill Primary and Lanesend Primary.

The sophisticated attack has been investigated but the experts have advised they may never know how much information the attackers got hold of, if any, or if they simply stopped the schools having access to the information held.

Mr Parr-Burman said: "On the advice of the Department for Education, the school engaged a cyber-security firm to produce a forensic report into this attack and to try to determine what had happened to the information.

"They were able to tell us that the attack froze access to our servers, which held all of the school’s information.

"The data on the system included children’s records, contact details of parents, attainment and attendance records and curriculum planning documentation.

"Unfortunately, due to the nature of the attack, they could not tell us any more about how the attackers gained access or whether the hackers actually had access to the information or whether they had simply stopped our own access to it.

"This means that we currently do not know whether this information was accessible to other people. We may never know. The school has taken the decision to warn you about the worst-case scenario so that you can take appropriate action to ensure your own security online."

The advice from the school is to make sure any communication purporting to be from the school is legitimately from them (either from carisbrooke@iwef.org.uk, medina@iwef.org.uk or

viform@iwef.org.uk).

Advice from police:

Digital health tips for parents

Everyone can improve their cyber security by taking these simple actions:

• Use a strong password

• Create passwords using three random words

• Turn on two-factor authentication

• Update your devices

• Back up your data