Ransomware attack downs Toronto District School Board's technology testing environment

The Toronto District School Board said it suffered a ransomware attack after a threat actor gained access to a technology testing environment used by the board.

 

The Toronto District School Board (TDSB) is the largest school board in Canada and the fourth largest school board in North America. The board manages more than 550 schools with about 235,000 students in their rolls.

 

In a letter addressed to parents and caregivers, the district school board said that it recently became aware of an unauthorised third-party access to its technology testing environment. TDSB technology testing environment is used by the board’s IT team to test programs before they are run live on TDSB systems.

 

Immediately after identifying the unauthorised access, the school board took steps to secure the affected systems and launched an investigation, with assistance from external cyber security experts, to determine the scope of the incident.

 

It has also notified the Toronto Police Service and the Information and Privacy Commissioner of Ontario about the data security incident.

 

TDSB added that its own systems are operating as usual and haven’t been impacted by the ransomware attack.

 

“We are conducting a thorough investigation to understand the nature of the incident, any impact on our network, and if any personal information may have been affected by the incident.

 

“If it is determined that any personal information has been impacted, we will provide notice to all affected individuals,” reads the letter.

 

The school board has not shared more information about the data security incident so far due to the ongoing investigation, however, it has assured parents and caregivers that it will share updates as and when available.

 

At the time of writing, no hacker group has claimed responsibility for the ransomware attack on TDSB.