Amidst claims by the LockBit ransomware gang of an attack on the largest district school board in Canada, the Toronto District School Board (TDSB) confirmed that a recent ransomware attack compromised the personal information of an undisclosed number of students from the upcoming 2023/2024 school year. Initially, TDSB had mentioned that the attack only affected a separate testing environment, but a subsequent update revealed that student data, including names, school names, grades, email addresses, student numbers, and dates of birth, was also compromised.
The cybersecurity team at TDSB, along with external experts, assessed the risk to students as “low” and assured that there had been no public disclosure of data. However, the LockBit ransomware gang swiftly claimed responsibility for the attack on the same day, demanding an undisclosed ransom within a two-week deadline. While the claims made by LockBit were not substantiated with any posted documents as proof, they set a deadline of September 12 to leak the compromised data.
In response to the attack, TDSB communicated with parents, highlighting the security measures that were put in place and the collaboration with law enforcement agencies. The school board also disclosed the data breach in compliance with guidelines from the Office of the Information and Privacy Commissioner of Ontario. LockBit’s recent activities come after a law enforcement crackdown in February, where two Russian nationals pleaded guilty to being part of the ransomware group.
Canada has been experiencing a spate of cybersecurity incidents in recent months, with both government networks and private entities falling victim to attacks. London Drugs, a prominent retail and pharmacy chain based in British Columbia, had to temporarily close its stores across Western Canada in April due to a significant cybersecurity breach. Around the same time, BC Libraries reported a separate cyberattack where a hacker attempted to extort payment by threatening to release data if demands were not met.
The cyberattacks on Canadian entities coincide with an official inquiry revealing failed attempts by China to interfere in past elections, despite Beijing’s denial of such allegations. The Canadian Security Intelligence Service (CSIS) issued a report warning of ongoing Chinese cyber-espionage activities targeting Canada’s democratic institutions, economy, and research sectors. CSIS identified China as a state-based threat engaging in cyber espionage across various sectors, posing a risk to Canada’s democratic integrity and national security.
Overall, the cybersecurity landscape in Canada continues to face challenges from both domestic and international threat actors, emphasizing the need for robust security measures and constant vigilance to protect sensitive data and critical infrastructure. As cyber threats evolve, organizations and government agencies must prioritize cybersecurity and collaborate to mitigate risks and prevent further breaches that could compromise national security and public welfare.