A COLLEGE boss has said she will not “speculate” on whether her students’ personal data has been compromised following a cyber security attack.

Colchester Institute, in Sheepen Road, fell victim to a digital hack of its internal and external networks roughly two weeks ago.

As a result staff were left unable to communicate using their usual email system and the college’s online application system was also shut down.

Teaching, however, was able to continue as third-party IT specialists were parachuted in to mitigate the threat and work with the school’s computer team.

According to a statement published on the Colchester Institute website, the college’s systems and communication channels have now been “partially restored”.

However, it still remains unknown whether or not any data or information belonging to the educational institution’s pupils has been stolen.

An anonymous source said: “The college has only this week told students they are implementing multiple factor security procedures.

“This is something that should have been in place in the first place and could possibly have prevented it happening.

“Communication with students has also been vague and there has been no confirmation that their data has not been compromised.”

Gazette:

Principal Alison Andreas, however, says the college has taken appropriate action throughout the incident to deal with the attack and reduce repercussions.

She said: “The college has invested heavily in IT security systems over the past three years, and we continue to do so.

“Unfortunately, cyber-attacks are becoming more common and the education sector, in particular, has been hard hit over the last few months.

“We must continue to maintain and strengthen our systems and be more aware of the risk and we will continue to take advice to prevent a similar incident happening again.

“Our forensic investigation is still ongoing and we will receive a full summary on the findings once it has been completed.

“We will of course comply with our regulatory obligations in terms of any potential impact on data.

“In the meantime, it is important we don’t speculate on what data, if any, may have been accessed, or cause unnecessary alarm.”