Scottish Qualifications Authority Investigates Leak of 17,000 Documents

share
Header image

Scottish Qualifications Authority Investigates Leak of 17,000 Documents

share

Network intrusion began late on Friday and lasted into Saturday.

Scotland’s national exams body is investigating a data breach after a large cache of documents were leaked on the web.

According to Future Scot, the Scottish Qualifications Authority is looking into a suspected unauthorised network login from credentials belonging to a member of staff at the unnamed school – which has led to more 17,000 documents being spilled online.

The network intrusion began late Friday and lasted into Saturday, with claims then appearing on social networks linking to a well-known dark web data breach site.

It is believed that the data is not considered to be sensitive or personally identifies students or staff, and is mostly ‘historic’ information unlikely to cause alarm or distress to parents or learners.

An X user going by the name @petikvx posted details of the breach, with links to Dark Web Informer, where it was claimed: “The leak consists of PDF and DOCX files, totaling 12GB compressed and 18GB uncompressed, allegedly taken from secure.sqa.org.uk. The exposed materials include past and present assessment resources covering a period from 2004 to 2025.”

An SQA spokesperson said: “SQA can confirm that the issue relates to the unauthorised use of website-access credentials at a single SQA centre and is not the result of a cyber-attack. The centre’s access to SQA Secure has been suspended. Other SQA centres can continue to safely access SQA Secure while our investigations continue.” 


Written by
Dan Raywood
Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.

Data Breach Published: 11 March Written by
Dan Raywood
Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.

Upcoming Events

No events found.

Related content

Hijacked NHS Scotland domains push adult content

Hijacked NHS Scotland domains push adult content

 UK watchdog raises concerns over Jaguar Land Rover's cyber bailout

UK watchdog raises concerns over Jaguar Land Rover's cyber bailout

 Stryker dismisses malware use, data theft following cyberattack

Stryker dismisses malware use, data theft following cyberattack
Report: UK cyberattacks grow faster than global rate

Report: UK cyberattacks grow faster than global rate

 Toll of Transport for London hack reaches nearly 10M

Toll of Transport for London hack reaches nearly 10M

 Novel CyberStrikeAI tool exploited in attacks

Novel CyberStrikeAI tool exploited in attacks
Industry urges reform to retain women in tech

Industry urges reform to retain women in tech