Singaporean regulators have launched an investigation into a significant cyberattack targeting the Global Schools Foundation. The Personal Data Protection Commission and the Cyber Security Agency of Singapore are assessing the breach, which reportedly compromised sensitive records across the organization’s international network.
Cybersecurity reports indicate approximately 4.8 terabytes of data were exfiltrated. Stolen information allegedly includes student passport numbers, home addresses, staff salary records, and private email correspondence between parents and school administrators. The incident has triggered emergency response protocols from SingCERT to secure remaining infrastructure.
The attack is attributed to FulcrumSec, a ransomware group that emerged in late 2025. This threat actor has previously targeted major entities including Novo Nordisk, LexisNexis, and Arup Group. While Global Schools Group confirmed the incident and stated systems have been restored with external support, they have not publicly validated the specific scope of data accessed by the attackers.
Global Schools Group operates 12 school brands across 64 campuses worldwide, including locations in the UK, South Korea, and the Philippines. The breach raises critical concerns regarding data privacy standards within international education institutions managing high volumes of minor personal identifiable information.