Two schools have closed after hackers broke into their servers, stole data and encrypted pupil information.
Officials at the Skinners’ Kent Academy and Skinners’ Kent Primary School said they “cannot be sure” exactly what information hackers have access to.
But they urged parents at the Tunbridge Wells schools to contact their banks to let them know that personal details could have been taken.
Action Fraud and the National Cyber Security Centre are investigating.
The police and the trust’s own data protection company are also carrying out inquires after the attack, which began last Wednesday.
Skinners Kent Academy Trust said on its website that the hackers told them what information they have access to.
It said they did not “appear” to have access to the School Information Management System, which is where personal records for pupils, students and staff are held.
“However, they have encrypted this data so that we no longer have access to it,” the trust added.
As staff no longer hold vital information on the pupils – including emergency contact details – the decision was taken to close the schools on Monday.
The trust is now in the process of collecting all this data from parents again, before it can reopen.
The schools must also have their computers reconfigured so staff can access the resources required to teach. The schools set up remote learning on Tuesday.
The statement on the trust’s website advised parents: “It would be very wise to let your bank know that your bank details may have been taken.”
A trust spokeswoman described the hackers as “sophisticated”.
She added: “The trust is working incredibly hard to ensure that our students and pupils are back in our schools…..as soon as it is possible to do so.”