Over Half of UK School Cyberattacks Carried Out by Students

Over Half of UK School Cyberattacks Carried Out by Students

The Rise of Insider Threats in UK Education

The UK’s Information Commissioner’s Office (ICO) has issued a stark warning to schools and colleges: students themselves are now the biggest insider threat to IT systems.

New ICO figures reveal that 57% of insider cyber incidents in education since 2022 were carried out by pupils. The regulator has investigated 215 breaches at schools, colleges, and universities during this period.

Heather Toomey, principal cyber specialist at the ICO, noted that what may start as playful behavior can escalate into criminal activity. “What starts out as a dare or challenge in a school setting can ultimately lead to damaging attacks on organizations or critical infrastructure,” she told the BBC.


How Students Are Hacking Schools

The ICO report shows that students are exploiting weak security in multiple ways:

  • Password guessing or credential theft – Nearly one-third of breaches involved students logging into teacher accounts.
  • Downloadable hacking tools – Many attacks used free software available online.
  • Database intrusions – Students accessed highly sensitive data, including personal, health, and safeguarding records.

In one case, three Year 11 pupils illegally accessed databases containing the personal details of 1,400 students. In another, a student broke into a college system holding data on 9,000 individuals, including staff and applicants.


Why This Matters

These incidents highlight both the technical skill and potential risks of young people experimenting with hacking:

  • Some claim they are “testing cyber skills,” but consequences can be severe.
  • Breaches can expose sensitive information like addresses, health data, and safeguarding logs.
  • Even young children are involved — the ICO cited a case where a seven-year-old was referred to the National Crime Agency’s Cyber Choices programme.

Wider Cybersecurity Concerns

The trend in schools reflects a broader problem: teenage hacking groups are behind some recent high-profile corporate cyberattacks. Companies such as Jaguar Land Rover, Marks & Spencer, and MGM Grand Casinos have been targeted by young cyber gangs.

According to the UK government’s Cyber Security Breaches Survey, 44% of schools reported a cyberattack or data breach in the past year. While staff and third-party suppliers also pose risks, pupils are proving to be the dominant insider threat.


Final Takeaway

Schools need to rethink cybersecurity — not only by improving technical protections but also by educating students on the real-world consequences of hacking.

The classroom is no longer just a place of learning; it’s becoming a frontline in the fight against cybercrime.


FAQs About UK School Hacks

1. Why are students hacking their own schools?
Students often claim they are experimenting, testing skills, or taking on a dare. However, these actions can quickly escalate into serious cybercrime.

2. What kind of data do student hackers access?
Breaches have exposed sensitive personal information, including addresses, performance data, safeguarding records, and even health information.

3. How do students break into school systems?
Most incidents involve guessing or stealing teacher passwords, downloading free hacking tools, or exploiting weak database protections.

4. What are the consequences for student hackers?
Depending on the severity, consequences may include school disciplinary action, police involvement, or referral to the National Crime Agency’s Cyber Choices programme.

5. How common are school cyberattacks in the UK?
The government’s latest Cyber Security Breaches Survey found that 44% of schools experienced an attack or data breach in the past year.

About the Author

Anish is the founder of TechBoltX, sharing mobile gaming rewards, guides, and daily updates.