The Toronto District School Board is investigating a recent ransomware attack that affected its testing environment. The Toronto board is Canada’s largest school board, serving approximately 238,000 students across 600 schools in the city of Toronto.
The board stated that it had taken immediate action and launched an investigation upon becoming aware of possible intrusion.
Toronto District School Board’s Investigation Underway
The school board stated that the incident had affected its testing environment, which had been used to evaluate new technology and programs before being deployed on systems. The board’s cybersecurity team had taken immediate action upon discovering the incident, securing systems and preserving data. The Toronto District School Board had notified details of the incident to the Toronto police and the Information and Privacy Commissioner of Ontario.
In its letter of notification sent to parents and guardians, the Toronto District School Board stated that it had launched an investigation with the aid of third-party experts to fully assess the nature and scope of the incident. This includes potential compromise of its networks or breach of sensitive personal information.
The letter added, “If it is determined that any personal information has been impacted, we will provide notice to all affected individuals. We understand that news of a cyber incident is concerning, but please know that we are doing everything possible to learn more about what occurred and address this situation.
Impact Unknown; More Details Expected Soon
Despite the attack, the district school board’s systems remained fully operational and functional. While only the school’s testing environment had been affected, Humber College cybersecurity expert Francis Syms remained concerned over the incident, as personal information is sometimes used on test environments. He added that test environments are usually not secured by multifactor authentication, potentially making data easier to access.
However, he admitted that he was not aware of the testing system being used, as he was not part of the investigation team. The Toronto District School Board did not clarify whether the testing environment or its data contained any personal information.
Ryan Bird, a spokesperson from the school district board, disclosed to CityNews Toronto that the full extent of the breach was unknown, or if any personal data had been compromised in the attack, but further details would be revealed by the end of the day.
The Cyber Express team has reached out to the Toronto District School Board for further details and investigation results, but no responses have been received as of yet.
Toronto’s cybersecurity defenders have observed an uptick in cyberattacks in recent years, from both financially-motivated hackers and ‘hacktivists’ disrupting public systems. Some attacks occur during sensitive times such as elections, global conflicts, or visits by foreign leaders. However, ransomware attacks remain the most common form of attacks.
City officials have been working with several agencies to rebuild trust in the safety of public systems and services. Charles Finlay, Toronto resident and executive director at Rogers Cybersecure Catalyst, had earlier stated to the Toronto Star, “I think the city has to be more forthcoming about what it is doing to ensure that those services are secure from cyber-attacks.”
The City had witnessed several attacks on its public institutions such a Cl0p ransomware intrusion into the City of Toronto’s computer systems as well as an attack last year on the Toronto Public Library’s computer systems.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.