The Toronto District School Board (TDSB), Canada’s largest and most diverse school board, has confirmed that student information was compromised in a ransomware attack first discovered in June 2024. This breach, attributed to the notorious LockBit ransomware group, has put the personal information of students from the 2023/2024 school year at risk.
Initially, TDSB reported that the cyberattack targeted a technology testing environment separate from the board’s main networks. However, in a recent update, the school board acknowledged that student data, including names, school names, grades, school email addresses, student numbers, and dates of birth, was indeed present in the compromised environment.
The TDSB has attempted to reassure parents and students by stating that its cybersecurity team, alongside external experts, has determined the risk to students to be low. The board emphasized that there has been no evidence of student data being publicly disclosed, based on ongoing monitoring of the dark web and other online sources.
Despite these assurances, the situation escalated on Thursday evening when the LockBit ransomware gang claimed responsibility for the attack. The group has given TDSB 13 days to pay an undisclosed ransom to prevent the release of the stolen data. LockBit’s post, however, did not specify the volume of data taken.
The school board has so far declined to comment on LockBit’s demands but has defended its response to the breach. In a letter to parents, TDSB detailed the steps taken to bolster its security infrastructure and assured them that it is working closely with law enforcement on the ongoing investigation. The Office of the Information and Privacy Commissioner of Ontario has also advised TDSB to inform those affected so they can file complaints and take necessary precautions.
LockBit, a ransomware group with a long history of cyber extortion, is attempting to regain prominence following a significant law enforcement crackdown earlier this year. On the same day as its claim against TDSB, the group listed dozens of new victims on its leak site, though experts have noted that many of these posts contain erroneous information or involve entities previously attacked by other groups. This flurry of activity is part of LockBit’s ongoing efforts to reassert itself in the cybercriminal landscape, even as two of its members recently pleaded guilty to using the ransomware to extort victims worldwide.
The breach at TDSB serves as a stark reminder of the vulnerabilities that exist in our educational institutions and the relentless efforts of cybercriminals to exploit them. The situation continues to develop as authorities and the school board work to mitigate the impact on affected students and their families.
