Cyber Attack

Update: 17.10.25 

The Ripley Academy and John Flamsteed Community School were the victims of a targeted attack by cyber criminals.  This interrupted the operational running of the school for several days in terms of lesson delivery, register completion and safeguarding platforms, which were all carried out using alternative methods to using computers.  

The attack was reported to the National Cyber Security Centre, the police, the Trust and the ICO and both schools followed the IT Recovery Plan and Business Continuity Plan.  Parents and carers were notified of the cyber-attack and reassured that upon initial investigations from external cyber security experts, there was no evidence to suggest that there had been any data exfiltration nor any lateral movement on the server. 

Update: 06.11.25 

Schools were contacted by the Regional Cyber Crime Unit of the police to notify us that they believe some data may have been exfiltrated from the server.  The directory was not an area which affects either John Flamsteed or The Ripley Academy in terms of its contents. 

Update: 17.11.25 

School leaders met with the team working on the forensic analysis of the attack.  They confirmed that there had been no mention of the schools on the dark web and they had no updates on data leakage with intent to publish.  They highlighted that during the cyber-attack, around 20 GB of data traffic was observed, which confirmed the earlier report from the Regional Cyber Crime Unit that the directory was not an area which affects either school.  They highlighted that no significant file traversal activity had been observed other than this.  They had found evidence of attempting to download further zip files from this directory but that this had been interrupted by the school’s Firewall. 

Update: 19.11.25  

The police alerted the school to a publication of a cyber-attack on the Ripley Academy on the dark web.  At this juncture, there was no evidence that the 20GB of data contained staff or student details belonging to either John Flamsteed School or The Ripley Academy.   

Update: 26.11.25 

This morning, we were made aware of a publication by the threat actor on their online blog.  This publication confirms that some student and staff-identifiable data has been exfiltrated and is now outside of our control.  We are working with all appropriate authorities and, as this is an ongoing investigation and due to legal consideration, we cannot give further details at this point.  We will be contacting those affected when it becomes clearer as to what data the cyber criminals have had access to.   

For now, we are advising parents and staff that the best approach to take is to assume that some data relating to you may have been copied and published and to be vigilant for any attempts to access your computer systems, or any approaches by anyone claiming to hold your data or someone else’s data. 

We would also advise everyone to remain mindful of anything that seems unusual or unexpected, particularly if it relates to your personal information. This might include emails, messages, or requests that do not seem typical. Staying aware helps ensure that anything concerning can be identified and reported promptly. 

Update: 8.12.25 

Mrs Frost-Briggs has written to all parents and carers to provide an update on the recent cyber-attack affecting the school. Her letter confirms that some personal data relating to students and staff was published online.

At this stage, there is no evidence that the information has been misused, but families are advised to remain vigilant. The school continues to work with cybersecurity specialists, legal teams, law enforcement and the ICO to investigate, secure systems and strengthen protections.

What does this mean moving forwards?

We are working closely with Derbyshire Police, specialist cyber-security experts and the Trust to strengthen our systems and ensure our defences are as robust as possible. Improving security remains a key priority as we work to prevent incidents like this from happening again.

Frequently Asked Questions

We understand parents and carers have many questions. These FAQs provide the latest information we can share at this stage of the investigation.

FAQs

Available support 

At the moment, the school has no further information on what has been exfiltrated and what hasn’t so we are unable to give you any further detail.  We are working with the authorities to ascertain what information has been breached and we will contact parents and carers again to let you know as soon as we know more. 

In the meantime, students, parents and carers may wish to view the NCSC guidance on Data breach guidance for individuals – NCSC.GOV.UK.   

Contact Us

The Ripley Academy
Peasehill
Ripley
Derbyshire
DE5 3JQ

01773 746334

enquiries@ripleyacademy.org

Privacy and Cookies | Accessibility Statement | Made by Coda Education

Summer 2025 A 'level and GCSE certificates

GCSE and A level certificates are now ready to collect from reception We are open Monday-Thursday 8am-4.00pm and Friday 8.00am to 3.30pm

The Ripley Academy
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.