Pupils in Edinburgh preparing for vital exams have lost access to their online revision tools after a suspected spear-phishing cyberattack targeted the City of Edinburgh Council’s education department.
The cyber threat was identified on Friday when staff received a suspicious meeting invitation, later confirmed to be part of a targeted spear-phishing attempt—a sophisticated form of cyber fraud where attackers impersonate trusted sources to gain access.
As a precaution, the council took immediate action by resetting passwords across all school users. This measure, while critical for protecting digital infrastructure, has disrupted student access to learning platforms during Scotland’s exam season.
Disrupted Access for Exam Students
The timing of the security breach is particularly disruptive, as pupils are currently sitting their Scottish Qualification Authority (SQA) exams. Edinburgh Council has pledged to prioritise support for affected students, including allowing them to collect new login credentials in person at their schools on Saturday morning. An online support page has also been launched to assist with password recovery.
The first wave of exams began on Friday, 25 April, with major assessments like Higher Maths scheduled in the coming week. Many students rely on digital revision resources, especially those provided through the council’s Empowered Learning initiative, which supplies iPads to all pupils.
Second Cyberattack in One Week
The attempted attack in Edinburgh comes just days after a confirmed ransomware incident in West Lothian disrupted school operations and forced the local authority to implement contingency plans. In both cases, officials have assured the public that no personal or sensitive data has been compromised.
Ransomware attacks, which typically encrypt files and demand payment for access restoration, are part of a growing threat to UK educational institutions. While Edinburgh avoided a full-scale breach, experts warn that spear-phishing remains one of the most dangerous entry points for such cyber incidents.
Rising Cybersecurity Concerns in Scottish Schools
The National Cyber Security Centre (NCSC) has urged schools and councils to remain vigilant against targeted phishing and ransomware attacks. Spear-phishing is particularly deceptive due to its personalised nature, making it harder to detect than bulk phishing attempts.
Tech giants such as Twitter (now X) have previously been compromised through similar tactics. Authorities in Edinburgh continue to assess the situation and strengthen their defences to prevent further disruptions to pupils’ education.
