INNISFAIL - Red Deer Catholic Regional Schools (RDCRS) division trustees have received an update on a data breach cyberattack that hit the division, and other divisions across Canada, in late December.
The review came during the board’s recent, regularly-scheduled Jan. 28 meeting. The 10,400-student division includes schools in Innisfail and Olds.
The PowerSchool client cyberattack compromised student data including student names, student mailing addresses, dates of birth, student home phone numbers, and basic student medical information, in some cases, such as details about asthma, diabetes or allergies.
Staff emails and full names were also compromised.
“This breach was widespread, impacting PowerSchool clients across Canada, the United States, and other parts of the world. It was not limited to our division,” said division superintendent Kathleen Finnigan.
In an update presented during the Jan. 28 board meeting, she said two cybersecurity firms have been engaged to ensure all compromised accounts, servers, and passwords were thoroughly cleaned to prevent further data exposure.
The division has also been in contact with cybersecurity firms to perform cybersecurity assessments.
“These assessments will provide a baseline of our security governance in our district and detailed information on priorities moving forward,” she said.
“The RDCRS IT team has also been exploring the following implementations to our infrastructure, including mandating multi factor authentication for all staff accounts, only allowing access to our servers and data during scheduled support for our division, and limiting access to servers and service locations in RDCRS schools.”
The division is also “adjusting our password expectations for staff to require an increased length, complexity and rate of updated passwords.”
