The Toronto District School Board (TDSB), one of the largest schools in Canada, has been affected by a data breach following a ransomware attack that was discovered in June.
In June, TDSB informed parents that an unauthorized activity was detected in a system of isolated environment. The TDSB’s security team quickly acted to secure data. However, the exposed student information could include name, school name, grade, TDSB email address, TDSB student number, and day/month of birth.
As per the update by TDSB “At that time, TDSB became aware that an unauthorized third party gained access to TDSB’s technology testing environment, which is a separate environment used by TDSB IT Services to test programs before they are run live on TDSB systems.We have now confirmed that the testing environment contained 2023/2024 student information that could include name, school name, grade, TDSB email address, TDSB student number and day/month of birth.”
TDSB assured the risk to students due to this security breaches being low. TDSB confirmed that is not aware of public disclosure of student data on clear and dark web. YDSB reported the incident to the Office of the Information and Privacy Commissioner of Ontario.
The researchers Dominic Alvieri reported that the Lockbit gang claimed responsibility for the ransomware attack on TDSB and threatened to leak the stolen data if the organization would not pay the ransom within 2 weeks.
