Man arrested after cyber attack at Leicestershire school

The alleged hack affected home computers and laptops being used by students for remote learning.

Welland Park Academy, Market Harborough (Credit: Google Streetview)

A man has been arrested in connection with what police believe was a ‘sophisticated cyber attack’ at a secondary school in Leicestershire.

The 28-year-old man has been detained after the incident was reported at Welland Park Academy in Market Harborough.

The alleged hack affected home computers and laptops being used by students for remote learning.

The man, from Wellingborough, in Northamptonshire, has been arrested under the Computer Misuse Act, police have confirmed.

A Leicestershire Police spokesperson said: “A man has been arrested in connection with a reported cyber attack at Welland Park School, Market Harborough.

“Officers received a report of a major IT outage at the school on Monday, January 18 that prevented the school from delivering remote learning and accessing material to support the children of keyworkers and vulnerable children who are attending school.

“It was subsequently discovered that a sophisticated cyber attack had occurred which affected personal devices that connected to the school’s network.

“In all 92 personal devices have been affected.

“Officers from the force’s cyber crime unit are investigating the incident and a 28-year-old man from Wellingborough has been arrested under section 1 and 3 of the Computer Misuse Act.

“He has since been released under investigation and inquiries are continuing.

“Officers worked round the clock with the school and Microsoft to remove the threat to personal devices, which was swiftly achieved and work is continuing to restore the school’s IT capability as quickly as possible.

“There is currently no evidence of any data exfiltration.

“Officers would like to thank school staff, parents and pupils for their support and cooperation during this investigation.”


Our FREE membership allows you to obtain the latest cyber resilience guidance and toolkits to support your business - sign up here


The contents of blog posts on this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of East Midlands Cyber Resilience Centre (EMCRC) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. EMCRC provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us by email.


EMCRC does not accept any responsibility for any loss which may arise from reliance on information or materials published on this blog. EMCRC is not responsible for the content of external internet sites that link to this site or which are linked from it.