The federal privateness watchdog says he is “involved” a couple of cybersecurity breach involving a pupil data system used throughout Canada, because the nation’s largest college board revealed the scope of the information that will have been stolen final month.
The federal privateness watchdog says he is “involved” a couple of cybersecurity breach involving a pupil data system used throughout Canada, because the nation’s largest college board revealed the scope of the information that will have been stolen final month.
The Toronto District Faculty Board advised dad and mom and guardians in an e mail Monday that its college students’ birthdays, addresses, well being card numbers, emergency contacts and a few medical data saved since September 2017 might have been included within the knowledge breach involving the PowerSchool platform.
Sure “historic pupil data” – together with well being card numbers and residential addresses – from September 1985 by way of August 2017 was additionally compromised, the varsity board mentioned.
Privateness commissioner Philippe Dufresne mentioned in a press release on Monday that his workplace is in contact with the U.S.-based PowerSchool, which supplies the affected software program to colleges throughout North America.
“I’m involved in regards to the potential impression that an incident similar to this one might have on the non-public data of scholars throughout the nation,” he mentioned.
Earlier this month, PowerSchool advised college boards in Newfoundland and Labrador, Nova Scotia, Ontario, Alberta and elsewhere that it had skilled a knowledge breach between Dec. 22 and 28.
On the time, the corporate mentioned the cybersecurity incident was “contained” and that it had taken steps to stop additional unauthorized entry or misuse of the affected knowledge.
The Toronto District Faculty Board mentioned Monday that PowerSchool has “acquired affirmation that the information acquired by the unauthorized person was deleted” and that the knowledge was not posted on-line.
“To be clear, TDSB doesn’t retailer any social insurance coverage numbers, monetary or banking data within the PowerSchool Pupil Data System, in order that data was not affected in any approach,” it mentioned within the e mail to folks.
Nova Scotia’s Training Division has beforehand mentioned that the breach might have a monetary impression on some former and present lecturers and employees, since some social insurance coverage numbers collected earlier than 2010 had been included within the stolen knowledge.
The federal privateness czar mentioned his workplace is searching for extra details about the breach and also will inform PowerSchool about reporting necessities beneath Canada’s privateness laws.
“This may permit us to convey our expectations to the corporate concerning their response to the breach and to find out subsequent steps,” Dufresne mentioned.
“Championing the privateness rights of kids is one in all my strategic priorities as kids’s private data is especially delicate.”
PowerSchool has mentioned it’s offering companies to prospects as traditional because it continues to analyze.
This report by The Canadian Press was first printed Jan. 20, 2025.
Sonja Puzic, The Canadian Press
