Higham Lane School and Sixth Form has been forced to close its doors to all students and staff this week following a significant cyber-attack that has paralyzed the institution’s IT infrastructure.
The attack, confirmed by school leadership over the weekend, has taken down critical digital services, including telephone lines, email servers, and the school’s central management system.
Headteacher Michael Gannon communicated the urgent news to parents and carers in a series of emails sent between January 3 and January 5, 2026. As a result of the breach, the school remained closed on Monday, January 5, and will remain shuttered on Tuesday, January 6, while external forensic experts work to contain the incident.
In a communication sent Monday morning, Mr. Gannon described the closure as a “difficult decision” made following strict advice from external cybersecurity specialists.
The school has engaged a Cyber Incident Response Team from the Department for Education (DfE) and IT experts from the Central England Academy Trust to investigate the scope of the breach and restore system integrity.
“Do Not Log In” Warning Issued
In a move indicating the severity of the network compromise, the school has issued a strict directive regarding digital access. Students and staff have been explicitly instructed not to log into any school systems, including Google Classroom and SharePoint, until further notice.
“As a matter of precaution, we are requesting that students do not log into any school systems,” the school stated. While reassurances were offered to students who may have already attempted to log in, the administration emphasized that a total cessation of network activity is required to ensure “maximum safety while investigations continue.”
The administration acknowledged the potential legal implications of the attack. In correspondence dated January 3, the school noted its legal obligation to report any identified data breaches to the Information Commissioner’s Office (ICO) within 72 hours, in compliance with the Data Protection Act 2018 and GDPR.
The school is currently collaborating with the Local Authority Data Protection Officer to ensure all safeguarding obligations are met.
The timing of the attack is particularly disruptive for students in Year 11 and Year 13, who are approaching critical GCSE and A-Level examinations. The school has advised these students to utilize the closure for independent revision and consolidation of learning notes.
To mitigate the disruption to learning, the school has directed families to external educational resources that do not require school credentials to access.
The school emphasized that these external sites are safe to access on personal devices as they are not linked to the compromised school network. Additionally, the “Exams and Revision” section of the school’s public-facing website has been confirmed safe for use.
While the initial aim was to reopen by Wednesday, January 7, school leadership has not yet confirmed a return date. “Until we fully understand the scope of the work required, I am unable to confirm this opening date at present,” Gannon wrote.
Parents have been advised to monitor the MyEd communication system and social media channels for updates, with a further announcement expected on Tuesday morning regarding the plan to reopen the site in a “safe and controlled manner.”
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
