Higham Lane School Closed Due to Cyberattack Impacting Staff

Higham Lane School and Sixth Form closed its doors to all students and staff this week after a significant cyberattack paralyzed the institution’s IT infrastructure.

The attack, confirmed by school leadership over the weekend, has taken down critical digital services, including telephone lines, email servers, and the school’s central management system.

Headteacher Michael Gannon communicated the urgent news to parents and carers in a series of emails sent between January 3 and January 5, 2026. As a result of the breach, the school remained closed on Monday, January 5, and will remain shuttered on Tuesday, January 6, while external forensic experts work to contain the incident.

In a communication sent Monday morning, Mr. Gannon described the closure as a “difficult decision” made following strict advice from external cybersecurity specialists.

The school has engaged a Cyber Incident Response Team from the Department for Education (DfE) and IT experts from the Central England Academy Trust to investigate the scope of the breach and restore system integrity.

“Do Not Log In” Warning Issued

In a move indicating the severity of the network compromise, the school has issued a strict directive regarding digital access. Students and staff have been explicitly instructed not to log into any school systems, including Google Classroom and SharePoint, until further notice.

“As a matter of precaution, we are requesting that students do not log into any school systems,” the school stated. While reassurances were offered to students who may have already attempted to log in, the administration emphasized that a total cessation of network activity is required to ensure “maximum safety while investigations continue.”

The administration acknowledged the potential legal implications of the attack. In correspondence dated January 3, the school noted its legal obligation to report any identified data breaches to the Information Commissioner’s Office (ICO) within 72 hours, in compliance with the Data Protection Act 2018 and GDPR.

The school is currently collaborating with the Local Authority Data Protection Officer to ensure all safeguarding obligations are met.

The timing of the attack is particularly disruptive for students in Year 11 and Year 13, who are approaching critical GCSE and A-Level examinations. The school has advised these students to utilize the closure for independent revision and consolidation of learning notes.

To mitigate the disruption to learning, the school has directed families to external educational resources that do not require school credentials to access.

The school emphasized that these external sites are safe to access on personal devices as they are not linked to the compromised school network. Additionally, the “Exams and Revision” section of the school’s public-facing website has been confirmed safe for use.

While the initial aim was to reopen by Wednesday, January 7, school leadership has not yet confirmed a return date. “Until we fully understand the scope of the work required, I am unable to confirm this opening date at present,” Gannon wrote.

Parents have been advised to monitor the MyEd communication system and social media channels for updates, with a further announcement expected on Tuesday morning regarding the plan to reopen the site in a “safe and controlled manner.”

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.