Wetaskiwin Regional Public Schools (WRPS) informed parents of a data breach that also impacted the school division in letters to parents on Jan. 9.
Former and current student information stored by U.S. based company PowerSchool was compromised between Dec. 22 and 28 and affected school boards across North America.
"WRPS identified that both teacher and student profile information was compromised," said WRPS superintendent Mike Wake.
After completing an internal audit, WRPS determined that student demographic information, including student names, addresses, dates of birth, home phone numbers and basic medical information, may have been accessed.
No passwords, financial data, or student grading information were affected.
WRPS said compromised teacher information could teacher names, mailing addresses, home phone numbers, email addresses, and employee IDs.
"We have been assured by PowerSchool that all appropriate steps to prevent the data involved from further unauthorized access or misuse. We have also been assured that PowerSchool does not anticipate the data being shared or made public, and they believe it has been deleted without any further replication or dissemination," stated WRPS.
"PowerSchool and its cybersecurity teams are actively monitoring for any leaked information, and no data has been leaked as of now.
"Over the past two days, we have participated in information sessions to understand the next steps," stated the letter.
"Preventative measures have been taken, and affected adults will receive credit monitoring, while minors will receive identity protection services."
WRPS will be sending further information to families that have student medical information that may have been breached. A finalized forensic report is expected by Jan.17, 2025.
"We will keep you updated as we receive more information from PowerSchool," said Wake.
School boards in multiple provinces have been affected by a data breach involving software used by schools across North America to store student information.
Officials in Ontario, Alberta, and Newfoundland and Labrador say they are working with PowerSchool to determine the extent of the breach.
PowerSchool said in a statement it has taken “all appropriate steps” to prevent further unauthorized access or misuse of the affected data.
The company says the incident is “contained,” and it does not anticipate the data will be shared or made public.
PowerSchool said it is providing services to its customers as usual as it continues to investigate the data breach.
“We take our responsibility to protect student data privacy and act responsibly as data processors extremely seriously,” it said in its statement.
- With files from the Canadian Press