Sackville suffers ransomware attack

We are sorry to say that in the early hours of the morning of Wednesday 24th February, the Sackville IT network was attacked by the Sodinokibi ransomware. This is despite having enterprise level anti-malware software installed and a full-strength firewall. All of the files on our servers were encrypted. Over the course of the following two days it has become clear that our database of students, staff and contacts has also been attacked and encrypted. Access to this database requires a second authentication. Whilst there is no reason to think that any data has been extracted, the workings of this particular piece of malware mean it is not possible to be certain of what it undertook before we were able to clean it from the system.

Following our responsibilities under the Data Protection Act, we have reported the attack to the Information Commissioner’s Office, together with a description of the data held on students, contacts and staff.

The encryption of the files means we are unable at present to use our central email system to contact all of our data subjects. For only a small minority do we have contact details outside this system.

As we work through and restitute the system we will update this post.