The AQA Education Data Breach


Up to 65,000 examiners' data, stored on AQA's examiner application system and examiner extranet, has been subject to cyberattacks from hackers.

This is yet another massive data hack that has already caused serious distress for people involved. Our Data Leak Lawyers are now investigating claims.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

We Are With You
We vow to fight for the rights of victims whose private data has been exposed or misused.
Maximum Compensation
We pledge to make sure victims are always fairly compensated for what they have had to go through.
No Win No Fee
You benefit from our Genuine No Win, No Fee promise. Find out more here now.
Data Claim Experts
We have recovered over £1m for data breach victims since 2014 as leading pioneers in privacy claims law.

Information Hacked
From AQA

It has been revealed by AQA that a wealth of sensitive data was potentially leaked to attackers:

  • First names and surnames
  • Addresses
  • Telephone numbers (personal and work)
  • Email addresses
  • Passwords to systems used to mark examinations;
  • Examiner pins
  • "Memorable word" used to reset a forgotten password
  • Centre numbers

Although AQA say they are "very sorry that this happened", hackers have still gained access to a massive amount of personal and sensitive information. Not only does that put the victims' information at risk, but there are concerns for students and pupils as well. Although the AQA has ensured schools that no exam results will be affected, it seems too early say in our view.

The full effects of many data breaches never fully materialise until, sometimes, years after the breach.

Home Working Systems Hacked

Thousands of AQA examiners work from home marking examinations using a range of online tools, such as the online marking system; the online mark collection system; and the online standardisation system.

All three of these systems were reportedly breached.

AQA was notified of the breach on the 21st March 2017 and immediately shut down the systems. It wasn't until the 6th April 2017 that the exam board uncovered the extent of the breach and that the information exposed was so widespread.

It Could Have Been Worse...

The exam board highlights that they had security measures in place, and that if these measures had not been implemented, the attack could have been much worse.

But it still begs the question as to how the systems were hacked in the first place. Clearly, with people working remotely, the systems that need to be in place to properly secure the information have to be excellent. There are so many ways information can be intercepted when people are working and accessing databases over the internet, and this should always be at the forefront of any organisation's mind.

Victims Notified And ICO Informed

They have notified the affected people and highlighted that they may be subject to phishing emails and that their information may have been shared with third parties. This is simply unacceptable from an organisation that is supposed to have heightened security given the level of sensitivity of examinations, and the remote working procedures.

AQA have reported the incident to the Information Commissioner's Office (ICO) and the Office of Qualifications and Examinations Regulation (Ofqual) who are both investigating the attack. The ICO highlighted that they're investigating a potential Data Protection Act (DPA) breach from AQA, and if they are found to have breached the DPA, they may face fines.

However, this does not deal with the fact that 65,000 peoples' personal and work information has been hacked.

The Long
Wait Begins...

The problem with data breaches is that the effects can last for a long time. The data hacked from AQA could spring up in the future on the "dark web" and cyber criminals may already be trying their luck with passwords gleaned from the information accessed.

Rectifying the problem by changing passwords is simply not enough. As an employee of AQA, you put your trust in them to keep your information safe, but they have failed to guard that information. We're investigating claims for victims who have already approached us for help, and if you have been affected by the hack, we may be able to help you too.

The Importance
Of Our Work

Our work is extremely important. We all have a right to privacy; and our rights when it comes to how our personal data and information is used and handled is enshrined in law. But for too long now organisations have flouted their duties and people have become the victims of widespread scandals where personal information that is sensitive and confidential has been leaked to people who should never have seen it.

We help the victims to obtain the justice that they deserve.

No Win, No Fee

We can pursue your claim on a genuine No Win, No Fee agreement.

Fighting Your Corner

We can fight for your rights as a victim of a data breach, leak, hack, or where your information has been misused.

Leading Data Breach Experts

We are leading data compensation lawyers representing thousands of clients for claims.

We Can Help

You have rights as a victim, and we may be able to help you claim for data leak compensation.

We're here to help, and if you would like free and confidential advice as an affected victim of the breach, please call us on 0800 634 7575 or send us a message by contacting us here.

Our Simple Claims Process

We offer free, no-obligation legal advice and No Win, No Fee legal representation – Start Your Claim Now!

If you have been the victim of a data breach from any private or public organisation, then we can help. Whether it's your employer, the NHS, the police, a local authority, or a website you use, we can help you claim the compensation you deserve.

Our clear and simple process:


You can speak to the team by phone, or message us with your enquiry now. You can arrange a call back for a time and date that suits you.

Your Case

We can usually assess your claim in a matter of minutes and get the case started without delay.

Your Claim

We can quickly launch your claim for data breach compensation. Start your claim today.


As your claim moves forward we can keep you updated.

Your Lawyers - Leading Data Leak Lawyers

The Data Leak Lawyers have represented substantial cohorts of claimants in Group Litigation Order actions. Aside from our work in multi-party claims, we also represent considerable numbers of individual claimants that range from medical data leaks to council and social services data breaches.

Some of these cases are particulary sensitive. As a firm of lawyers who also take forward large numbers of complex and serious data protection breach compensation claims, we can offer a network of legal experts from our in-house staff to the Barristers we have close relations with, and indeed the lawyers and firms we work with around the world.

The combination of expertise in data compensation and mass consumer actions allows you the confidence to know that we are dedicated to the fight for justice.

Latest Posts

Home Office ICO Enforcement Action: How Data Breach Victims Can Claim Compensation with The Data Leak Lawyers

The recent Home Office ICO enforcement action serves as a stark reminder of the consequences of data mishandling.In the digital age, data breaches have become all too common, leaving individuals v...

Click to read this article

Posted By Admin
GDPR Compensation Cases: A Guide for Data Breach Victims

At The Data Leak Lawyers, we specialise in helping data breach victims navigate GDPR compensation cases, ensuring they receive the financial redress they deserve.In today's digital age, data breac...

Click to read this article

Posted By Admin
Data Leak Lawyers Assist Victims of Dating Website Data Breaches

At The Data Leak Lawyers, we specialise in representing victims of all sorts of breaches, and we can help when it comes to dating website data breaches to assist in victims being able to secure the co...

Click to read this article

Posted By Admin

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon