Student information for those who attended Toronto District School Board as far back as 1985 may have been compromised by a cyber incident that happened in December 2024.
On Jan. 8, the TDSB sent a letter to parents explaining the incident involving the PowerSchool software, which is used by many boards across North America. The data breach happened between Dec. 22-28, 2024.
The Peel and York Region public boards were also among those impacted.
“Our cybersecurity team promptly activated our response plan, taking immediate steps to ensure that our critical systems remain operational,” the TDSB’s Interim Director of Education, Stacey Zucker, wrote in the letter.
For students between September 3, 1985 and August 31, 2017, the following information was compromised:
First, Middle & Last Names
Date of Birth
Gender
Health Card Number
Ontario Education Number • Home Addresses
Home Phone Numbers
TDSB Student Number
TDSB Email Address
First Nations, Métis, Inuit Information
For students between September 1, 2017 and December 28, 2024, the following information was compromised:
First, Middle & Last Names
Date of Birth
Gender
Health Card Number
Grade Level and School Information
Start/End Date as a Student
Ontario Education Number
EQAO Accommodation Information
Medical Information (ie. allergies, conditions, injuries)
Home Addresses
Home Phone Numbers
TDSB Student Number
TDSB Email Address
First Nations, Métis, Inuit Information
Residency Status
Principal/Vice Principal Notes (including discipline notes)
TDSB added they don’t store any Social Insurance Numbers, financial or banking information in the PowerSchool Student Information System, so that information was not affected.
PowerSchool has also said that they received confirmation that the data acquired by an unauthorized user has since been deleted and the data was not posted online.
The TDSB says it takes the incident very seriously and an investigation has been launched by the Privacy Commissioner of Ontario.
