WEYBURN - The South East Cornerstone Public School Division (SECPSD) has sent an update to parents and guardians regarding the cyberattack that happened in the division earlier this year.
In a letter, the school division said it has completed a thorough review of affected systems and data to assess the full extent of the incident, but unfortunately, it has been unable to identify what information was impacted specifically.
"We do not know if any of your child’s personal information was impacted by this incident or not," the division said in a letter sent to parents Monday. "The purpose of this letter is to alert you to the possibility that some of your child’s personal information may have been impacted, and to provide you with information regarding steps you may wish to take to protect them and their information."
According to the division, on Feb. 8, it discovered an unauthorized third party had gained access to its network. While the intrusion was promptly terminated, it was not before the unauthorized third party was able to copy some of SECPSD’s data to a cloud storage service outside of the network.
"We immediately deployed countermeasures to protect our network from further unauthorized access and engaged third-party cybersecurity experts to assist us in containing, remediating and investigating this incident," the division said. "We also reported the matter to the RCMP and contacted the cloud storage service provider to have the accounts associated with this incident permanently suspended."
The division said it has been monitoring the dark web and it is not aware of any evidence to suggest that the copied data has been published or otherwise exploited for any fraudulent purposes.
Since the most recent communication earlier this year, the division has concluded its forensic investigation. It has also made considerable efforts to determine specifics of the copied data. Those efforts included utilizing two leading forensic investigators to attempt to identify which files and information were impacted.
The division was advised that there is insufficient evidence on both fronts to make that determination.
"As a result, we set about reviewing and analyzing information on systems determined to have been accessed, and in file directories we suspect the copied data originated from. Through that process, we identified certain information pertaining to students enrolled in SECPSD schools during the recently-concluded school year," the division said.
In consultation with third-party cybersecurity experts, the division says it has implemented a number of enhanced security measures to prevent against a similar incident from occurring in the future.
The review of the impacted systems revealed the following data types in relation to students: name, date of birth, home address, phone number, school email address, gender, health card number, allergies, information and school-related information (e.g., student number, achievements and grades). The name and email address of a parent or guardian was also identified.
"For clarification, we do not know if any of your or your child’s personal information was impacted by this incident or not. As we cannot rule it out entirely, and we take the protection of the personal information we collect seriously, we are providing you with this notice out of an abundance of caution," the school division said.
"In addition, we want to provide you with information you can utilize to help mitigate against the potential risks of identity theft or fraud and alleviate some of the concerns you may have regarding this incident."
The division recommends parents remain vigilant regarding common threats of fraud and identity theft including the following:
- If you receive an unexpected communication purporting to be from the SECPSD, asking for your or your child’s financial or personal information, the division asks people to consider such communications to be fraudulent, and contact the undersigned immediately.
- Never respond to any unsolicited requests for your or your child’s financial or other personal information.
- Remain vigilant about any unauthorized transactions on your or your child’s financial or credit accounts. If you see anything that looks suspicious, or suspect fraudulent transactions have taken place, call the associated bank immediately.
- Remain vigilant of any phishing or spoofing attempts. Spoofing is an impersonation tactic used in phishing campaigns to deceive individuals into thinking that a communication, usually either a letter or email, is from a trusted source and to leverage that trust to obtain additional information about the recipient or to defraud them.
- Avoid clicking on links or downloading attachments from suspicious emails.
The division says people have the right to file a complaint with the Office of the Saskatchewan Information and Privacy Commissioner regarding this incident or the handling of it should they wish to do so.