Pembina Trails School Division accounting spreadsheets leaked online after cyberattack

CBC News

· Posted: May 02, 2025 2:09 PM EDT | Last Updated: 11 minutes ago

Accounting spreadsheets from Pembina Trails School Division were leaked online aft they were accessed during a cyberattack that deed the part successful December, but it is inactive unclear what accusation was successful those documents.

The spreadsheets are only a chunk of the information stolen from the southbound Winnipeg schoolhouse part during a breach carried retired by a hacker radical known arsenic Rhysida. 

The part confirmed successful aboriginal April the radical demanded a ransom to get the information back, but said it wasn't paid. 

The radical past advertised the merchantability of idiosyncratic accusation and photos of students, teachers and unit going backmost to 2011 connected the acheronian web — a portion of the net that can't beryllium accessed with a accepted web browser. 

When nary 1 bought the data, the radical uploaded it online.

After the incident, Pembina Trails engaged a radical of experts to reappraisal the files that had been leaked. In an update connected Thursday, the part said that reappraisal has truthful acold identified 3 categories of information that were compromised.

There is inactive nary grounds that a database including unit payroll accusation has been accessed, but a spokesperson for the part told CBC News accounting spreadsheets, which were saved successful the division's web drive, were among the files posted online. 

The division's experts, combing done the data, person yet to find what benignant of contented is successful these documents. 

Educational videos, student assignments stolen

A ample radical of miscellaneous files that had been saved successful the division's web retention and shared with students and unit astatine a twelve schools were besides stolen successful the onslaught and aboriginal posted online. 

That included acquisition videos, acquisition plans and pupil assignments from respective schools — Acadia, Bairdmore, Crane, Fort Richmond, Oakenwald, Pembina Trails Collegiate, Ralph Maybank, Shaftesbury, South Point, St. Avila, Vincent Massey and Viscount, the part said.

The reappraisal besides confirmed that, arsenic the part antecedently reported, databases that included personal accusation from students who attended the part betwixt 2011 and 2024 were leaked to the web. 

The schoolhouse part had antecedently said that wellness recognition numbers, parents' oregon guardians' interaction information, and the astir caller photos of immoderate students had been accessed during the cyberattack. 

Pembina Trails said it has been moving with a third-party information vendor to heighten information monitoring of its exertion systems. 

"Unfortunately, organizations crossed the nationalist and backstage sectors are being repeatedly targeted by cybercriminals," the part said successful its update. 

"Nonetheless, we are emerging stronger from this experience."