Children are hacking their own schools’ IT systems ‘for fun’ in a new ‘worrying trend’, an official watchdog has warned.
The Information Commissioner’s Office said teachers are failing to understand the ‘insider threat’ that students pose.
It added the majority of ‘inside job’ cyber attacks and data breaches in schools are by pupils.
Heather Toomey, cyber specialist at the ICO, said: ‘What starts out as a dare, a challenge, a bit of fun in a school setting can ultimately lead to children taking part in damaging attacks on organisations or critical infrastructure.’
It comes after a number of high profile cyber-attacks, affecting firms including Jaguar Land Rover and M&S.
Since 2022, the ICO has investigated 215 hacks and breaches originating from inside education settings and says 57 per cent were carried out by children.
Other breaches are thought to come from staff, third party IT suppliers and other organisations with access.
According to the new data, almost a third of the breaches involved students illegally logging into staff computer systems by guessing passwords or stealing details from teachers.
In one incident, a seven-year-old was involved in a ‘data breach’ at their school – although the details were not disclosed.
They were subsequently referred to the National Crime Agency's Cyber Choices programme to help them understand the seriousness of their actions.
In another incident, three Year 11 students accessed school databases containing the personal information of more than 1,400 of their peers.
The pupils used hacking tools downloaded from the internet to break passwords and security protocols.
When questioned, they said they were interested in cyber security and wanted to test their skills and knowledge.
Another example the ICO gave is of a student illegally logging into their college's databases with a teachers' details to change or delete personal information belonging to more than 9,000 staff, students and applicants.
The system stored personal information such as name and home address, school records, health data, safeguarding and pastoral logs and emergency contacts.
Schools are facing an increasing number of cyber attacks, with 44 per cent of heads reporting an attack or breach in the last year according the Government's most recent Cyber Security Breaches Survey.