Ofsted has strengthened security measures on its Parent View portal after “suspicious” foreign accounts left overwhelmingly negative feedback for a school under inspection.
The schools watchdog had to suspend the page for George Spencer Academy in Nottingham in March and “removed the erroneous data” after identifying “an unusual pattern of behaviour”.
It has now added “additional security” to the site, but would not provide further details.
Accounts removed from the feedback were based in the US, Canada, Brazil, France, Japan, Germany, Singapore, Italy, Romania and Hungary.
Screenshots of the school’s page from March 23 before it was taken down, seen by Schools Week, show 501 responses this academic year.
Thirty-six per cent of parents strongly disagreed that their child did well at the school and 38 per cent strongly disagreed that its pupils were well behaved.
Forty-two per cent strongly disagreed that their child was happy and 38 per cent said the same in terms of their child feeling safe.
The academy, the flagship school of the George Spencer Academies Trust, was rated ‘good’ after an inspection on March 21 and 22.
Changing location of comments ‘relatively easy’
As of Wednesday, following Ofsted’s investigation, 367 responses were left on the academy’s Parent View portal.
Forty-one per cent of parents now agreed their child did well at the school, with the same percentage saying their child was happy there. Forty-five per cent said their child felt safe.
Ofsted said it noticed the issue when a “large batch of responses were submitted in a short space of time from suspicious accounts”.
Though it said the portal had not been hacked, it added that it previously suspended Parent View during a separate investigation and had systems in place to “spot suspicious activity”.
Mark Orchison, the managing director at cyber security company 9ine consulting, said such measures usually involved “geofencing” the site to only accept UK IP addresses or recoding it to only accept one comment at a time.
The school did not respond to questions about the incident. But Orchison said the most likely scenario was that a single contributor who “didn’t like the school” had used a VPN to change their location “relatively easily” and send multiple negative comments.
“A single account could do that…[you] get an IP address which would register from a different location and do it in an incognito browser,” he said.
“It’s probably someone within the school or associated with the school.”
Your thoughts