BROCKVILLE – A cyber attack in early January has resulted in an extensive data breach at the region’s largest school board.
Administration at the Upper Canada District School Board announced in an update on the ongoing internet issues at the board that an extensive data breach has been discovered.
Students who enrolled or attended a UCDSB school from 2010 to present, employees and former employees since 1999 to present, and any former student who received a bursary through a UCDSB school anytime from 2001 to present has had their personal data compromised. Donors to schools, and to the board’s Champions 4 Kids foundation may also be affected.
“The Board’s investigation has revealed that the perpetrators of this cyber attack stole personal information concerning members of the UCDSB community. We understand this news may be concerning for people, and we are deeply sorry,” the board said in its January 22 update.
On January 5, a cyber attack resulted in the shutdown of all internet services at the board. Until now, the board has said there had not been any data compromised based on their investigation. Internet services remain offline including student email, access to online schooling through the schools, and in-school wireless internet.
The data breach affects thousands of current and former students, and thousands of current and former employees.
The UCDSB have reported the incident to the Brockville Police Service and the Information and Privacy Commissioner of Ontario.
Board officials say they believe the risk to individuals is low.
The magnitude of the data breach is extensive. Employee data compromised likely includes social insurance numbers, deposit information, work history, and other personal identification information. For students enrolled at UCDSB schools any time since 2010 until now have personal identification information like name, address, contact information, and marks compromised. Also compromised is information relating to the status of special education students or students with identified “exceptionalities.” These include medical reports and diagnosis, accommodation reports, behavioural reports, and incident reports.
For all employees and students impacted, the board is offering two year credit monitoring services through TransUnion.
The board has said that its cyber attack is not related to the US-based PowerSchool data hack from December that has impacted schools across six provinces and several US states.
The school board’s investigation is ongoing.
“Know that we are also committed to strengthening our cybersecurity program to better protect against future incidents,” the board said in its update.
For those who are potentially affected by the UCDSB data breach, visit the school board’s website for links to the credit monitoring services.
The Local Journalism Initiative (LJI) is a federally funded program to add coverage in under-covered areas or on under-covered issues. This content is created and submitted by participating publishers and is not edited. Access can also be gained by registering and logging in at: https://lji-ijl.ca.
You can support trusted and verified news content like this.
FIPA’s news monitor subscribers, donors and funders help make these available to everyone rather than behind a paywall. We appreciate every contribution because it makes a difference.
If you found this article interesting and useful, please consider contributing here.