A massive data breach at Pembina Trails School Division in Winnipeg has exposed nearly a million files—totaling 4.5 terabytes—on the dark web, marking what privacy expert Ann Cavoukian calls an unprecedented cyberattack in Canada. Cavoukian, a former Ontario privacy commissioner, noted she hasn’t seen a hack of this scale within the country, although similar incidents have occurred in Europe and Japan.
The December ransomware attack, carried out by the Rhysida group, crippled the school division’s systems, affecting everything from computers to clocks. After failing to sell the stolen data, hackers dumped it online. The breach exposed sensitive personal data dating back to 2011, including student and staff names, dates of birth, health information, payroll records, credit card statements, and even photos of passports.
Cavoukian warned that such breaches can cause lasting damage, allowing bad actors to manipulate identities and access restricted resources. “They can do whatever the heck they want with it,” she said.
Grade 10 student Sabastian Kelly voiced concern not just for peers but for school staff whose social insurance numbers and other critical data were exposed. “It should have been protected a little bit better,” he said.
The breach is drawing renewed attention to the cybersecurity vulnerabilities of educational institutions. VenariX, a U.S. cybersecurity firm, also discovered data from 31 other school divisions on the dark web, further raising alarms.
Source: Swifteradio.com
