Parents and teachers have had personal information, such as ID documents, leaked online in a ransomware attack.

Scotland’s West Lothian Council has confirmed that data was stolen from its education network after the Interlock ransomware group claimed responsibility for the intrusion.

The local authority at first said there was no evidence to suggest that data had been taken. But when  the attack group posted what it claimed was a “trove” of data from the attack. the council said a “small percentage” of  data it had stored on an education network has been stolen. This included personal and sensitive data.

IT news site the Register, says it has seen that data from parents and guardians had been leaked. The Register also saw instances of scanned identification documents such as driving licenses and passports.

But financial data and bank details of payments made to schools, social work records, and corporate data such as council tax information, and  housing inquiries,  appears to remain safe.

Letters sent between schools, parents, and councillors, discussing various matters concerning children, such as their extra time allowance in exams, the amount of homework given, and their school attendance, have been made available via Interlock’s blog.

The council described the incident as a “sophisticated ransomware cyber attack,” and it’s working with Police Scotland and the Scottish Government to investigate it.

It is also in the process of contacting parents and carers at every school in West Lothian directly to inform them of the situation and provide advice on what to look out for and how to protect themselves after a data theft.

Parents are advised to show extra vigilance to monitor any possible malicious use of their data.

West Lothian Council has offered its sincere apologies to anyone potentially affected by this criminal cyberattack.