A major national awarding organisation said it is making ‘good progress’ restoring its systems and plans to begin resuming apprenticeship assessments after a ‘cyber security’ incident forced it offline.
NCFE locked down all of its online systems, including staff emails and its learner registration portal, while investigators worked to determine the extent of the incident, which occurred late last week.
In a statement on Thursday evening, NCFE chief executive David Gallagher said: “We are extremely grateful for the understanding, patience and support we have received from the sector in regards to the current business interruption.
“We continue to work closely with Ofqual, the Department for Education, the National Centre for Cyber Security, JISC and a range of expert partners to understand, and recover from the cyber incident.”
The shutdown was “a precautionary measure” after “suspicious activity” was detected on its network late last week. NCFE could not confirm whether any sensitive data was compromised at the time of going to press as investigations continued.
Phone lines, live web chat and NCFE staff email accounts were shut down. The awarding body’s portal was also offline, meaning providers could not register learners, upload evidence or claim certificates.
T Level assessments and online functional skills exams went ahead as planned this week, and can go ahead next week. Apprenticeship end point assessments were cancelled this week, but will resume next week.
“Overall, we’re making good progress towards careful restoration of our full services with EPA services restored from the start of next week. We’d like to thank all of our stakeholders and customers for their ongoing support and patience, as we work around the clock to ensure NCFE can return to ‘business as usual’ safely and swiftly,” Gallagher said.
EQA reviews, moderator visits and any meetings involving NCFE staff needed to be rescheduled. Late registration or booking fees incurred by centres as a result of systems going offline will be waived.
Cyber attacks against awarding organisations are rare.
An Ofqual report last year said there was one attack on an organisation “affiliated to three awarding organisations” and another on an awarding organisation that delivered general qualifications in 2024.
An Ofqual spokesperson said: “Ofqual is aware of a cyber incident affecting NCFE. We are in discussions with NCFE, who have engaged fully and appropriate steps are being taken to protect students’ interests.
“NCFE has confirmed that T Level assessments will continue as planned for the next two weeks. Ofqual will continue to assess NCFE’s actions.”
Learners and centres are advised to check NCFE’s website for updates.
Your thoughts