A Warwickshire secondary school says it will fully reopen this week after a cyberattack forced a prolonged closure – though staff will return to classrooms with “very limited access” to IT systems.
Higham Lane School in Nuneaton confirmed in a January 16 update that all pupils from Year 7 through Year 13 will return to full-time in-person teaching from January 19, following a staggered, year-by-year return that began earlier this month.
Normal timetables will resume, but lessons are expected to look markedly different as teachers remain cut off from many electronic resources.
The school was struck by what it has repeatedly described as a “serious cyberattack” shortly after the Christmas break, an incident that wiped out access to core IT systems and forced Higham Lane to close entirely on safety grounds. The outage went far beyond email and classroom software, leaving the school unable to operate basic physical safety systems.
In an earlier update on January 12, the school confirmed the attack did not just compromise IT systems and involve the “removal of data,” but also deactivated “several crucial systems,” including electronic gates used to secure the site, the fire alarm, and electronic registers needed to account for students during the school day. Without those safeguards, leaders said, keeping the site open would have been unsafe.
Michael Gannon, headteacher at Higham Lane School, reiterated that point in his latest message, saying the decision to close had been taken on the advice of cyber experts from the Department for Education and the police.
He said the school lost access to infrastructure “essential for the safe operation of the school,” including systems needed to confirm pupils had arrived safely and were in the correct locations throughout the day.
Restoring operations has taken close to two weeks of sustained work. According to the update, staff worked during their evenings and on weekends to rebuild the school’s entire IT environment, a task Gannon described as “mammoth,” given the size of the school.
During that period, the school was without phones, internet access, or usable devices, leaving many staff relying on personal mobiles and personal data just to keep communication going.
The recovery effort has involved ongoing coordination with the Department for Education, police, and external cybersecurity specialists. Gannon said those teams had been surprised by how quickly the school had recovered, given the scale and severity of the incident.
Even so, the return to normal will be partial at best. While pupils will be back on site full-time, staff still have “very limited” access to IT systems and digital teaching materials, forcing many teachers to adapt lesson delivery on the fly. Landline phones remain down, with the school operating on just two mobile handsets, one for Years 7 to 11 and one for the sixth form, and parents have been asked to keep contact to an absolute minimum.
The school has not said what data was stolen during the attack, nor who was responsible, and the attack has not yet been claimed by any of the usual suspects. Recent stats from the ICO indicate that teenagers themselves are behind a significant share of school cyber incidents, often exploiting weak passwords and poorly secured systems rather than sophisticated exploits.
Whether this attack fits that pattern remains unclear, but the lack of detail leaves families and staff with little clarity about what actually happened – or whether it could happen again. ®