Toggle menu

Cyber Attack update

Investigation work has been ongoing into the impact of the council's education network as a result of the criminal attack.

Cyber Attack update

Investigation work has been ongoing into the impact of the council's education network as a result of the criminal attack.

Update - 9 July 2025.

Investigation work has been ongoing into the impact of the council's education network as a result of the criminal attack.

The council's education network was the victim of a ransomware cyberattack on Tuesday 6 May. 

This remains a live criminal investigation, and we are working with all relevant external agencies, including Police Scotland and the Scottish Government.

Following a thorough investigation, a small percentage of the total data stored on our Education Network was compromised. Of that, only a very small proportion of files that were compromised were of a personal and sensitive nature.

Schools not directly affected:

With the exception of Holy Family Primary, there is no evidence that any data was stolen from our primary nursery, additional support needs schools or Winchburgh and Sinclair Academy servers. 

Schools directly affected:

There is evidence that a small amount of information held by the following schools was compromised.

These schools are:

  • Armadale Academy
  • Bathgate Academy
  • Broxburn Academy
  • Deans Community High School
  • Inveralmond Community High School
  • James Young High School
  • Linlithgow Academy
  • St Kentigern's Academy
  • St. Margaret's Academy
  • West Calder High School
  • Whitburn Academy
  • Holy Family Primary

A small proportion of files that were stolen were of a personal and sensitive nature.

For example, it is possible that names, addresses, email addresses and learning materials were amongst the data taken from the affected schools. Parents/carers with children at any of the affected schools above should be aware of this information and take appropriate precautions.  These precautions are set out on our hub in the what should I do now section below.

Reports shared by social work and other agencies were also compromised. Our staff have already contacted those individuals deemed to be most at risk in relation to this.

If you have specific concerns about the potential theft of sensitive data impacting on you or your family, please send details in confidence to: educationcybersecurity@westlothian.gov.uk

This will be monitored and will be responded to within a reasonable timescale. Please note that as this is a live investigation it may not be possible to provide specific individual information beyond that contained within this communication.

This is an ongoing investigation and if there is a need to contact you in future, you will be contacted directly.

What is not affected

There is no evidence that the council's corporate and public access networks have been affected.

All information held elsewhere in the council remains safe and secure, with extra measures in place to protect our networks.

What should I do now

As a precaution, everyone should be extra vigilant and be aware that there remains the possibility that any stolen data might be used for further criminal activity, such as phishing attacks or other scams.

Due to the increasing number of cyberattacks affecting a range of business and organisations, everyone is urged to be extra vigilant with their data online.

Passwords

What to do if my data has been lost

Cyber and Fraud Hub

Further updates

We will share any further updates as soon as we have them.

We would ask parents/carers not to contact their school or our customer contact centre regarding the cyberattack, as they do not have any more details than this at this stage. 

Any individual who has evidence that they have been the victim of a crime should contact Police Scotland on 101.

Share this page

Facebook icon Twitter icon email icon

Print

print icon