The Rainbow District School Board in Sudbury, Ontario, has reported a significant cyberattack that compromised sensitive personal data of both students and staff. The breach, which was discovered after technical difficulties began on February 7, exposed a wide range of information, including social insurance numbers, bank account details, and medical records. The data affected spans from 2010 to the present, including personal and academic information for students and staff within the board. The breach has raised concerns, especially as the exposed data involves a considerable number of individuals, including scholarship recipients and employees.
The stolen information includes sensitive details such as social insurance numbers for former students who received scholarships, personal contact information, academic records, and, in some cases, medical and immigration data. Additionally, staff data, including bank account numbers, medical records, and compensation information, was also compromised.
The breach impacts a significant number of people, including both current and former staff members, and former students who have attended Rainbow Schools as far back as 2011.
Following the breach, the Rainbow District School Board implemented immediate measures to protect its systems and data. A system-wide shutdown was carried out on February 7, affecting all 38 schools within the district, which serves Sudbury, Espanola, and Manitoulin Island. The school board also began collaborating with cybersecurity experts and law enforcement to assess the full impact of the breach and secure its systems. While the investigation is ongoing, the board has provided transparency in its response, acknowledging the severity of the situation and expressing regret for the inconvenience caused.
In an effort to support affected individuals, the school board is offering a two-year credit monitoring service to those whose personal data was compromised. This service is available to all current and former staff, scholarship recipients, and students whose information was exposed. The board continues to assess the full extent of the breach with the help of experts and has urged those affected to contact them for assistance.
Reference:
