23-07-2025
Federal probe ends into cybersecurity breach that impacted school systems, including SMCDSB
The federal privacy watchdog has ended its investigation into a cybersecurity breach involving a student information system used across Canada, including the Simcoe Muskoka Catholic District School Board (SMCDSB).
In January, the Simcoe Muskoka Catholic board issued a letter to families notifying of a cybersecurity breach of the PowerSchool portal - the Student Information System.
'We use this system to store our student-related data. The breach occurred on PowerSchool's server and has impacted many school districts across North America and even internationally,' the SMCDSB January 8 letter stated.
The breach exposed personal data such as names, contact information, birth dates, and, in some cases, medical details and Social Insurance Numbers of students, educators, and parents.
Pauline Stevenson, communications manager for SMCDSB, confirmed to CTV News in May the board had been told all its student data had been deleted and that the board had not received any ransom requests from hackers.
The board said while hackers had accessed a PowerSchool support portal, its network had not been compromised.
'PowerSchool is confident that this situation is resolved and they believe your child's data is secure,' the January letter added.
On Tuesday this week, the Office of the Privacy Commissioner of Canada said it was satisfied with PowerSchool's response to the incident, including actions to contain the breach and improve security.
While the federal investigation has ended, provincial privacy offices in Ontario and Alberta are continuing their own reviews.
With files from The Canadian Press
