Business email compromise (BEC) playbook 

This playbook has technical guidance for responding to a business email compromise incident. It is not a standalone resource: use it alongside your incident management plan to make sure it works for your school.

Reporting

Report all cyber incidents immediately to the relevant authority.

Your SLT digital lead is responsible for assigning someone to report any suspicious cyber incidents or attacks to the following if applicable:

If a financial loss is identified, immediately report to Report Fraud through their website or by calling 0300 123 2040.

If personal data is involved, you must inform the ICO within 72 hours.

Give as much information as you can about:

  • the nature of the breach
  • how and when it occurred
  • people impacted
  • actions taken
  • relevant contact details

Contact your local police authority if you suspect a financial or safeguarding impact.

Department for Education RPA team

If you are a member of the RPA membership scheme, contact the RPA Emergency Assistance Helpline:

Service providers

If the breach affected a third-party service or system, let the service providers know. They should be involved in a coordinated response to the incident.

Insurance providers

If you have private insurance and your coverage includes cyber incidents, contact your insurer. They may provide direct recovery assistance.