Pembina Trails cyberattack worsens, probe finds

A ransomware attack against Pembina Trails School Division appears to have affected more current or former students than originally thought, following a review of files published on the dark web.

In an email viewed by the Free Press, the southwest Winnipeg division said student information dating to 2011, contained in a 2021 database, was made available.

Pembina Trails has said a 2024 database, with information dating to 2014, was discovered online during the ongoing investigation.

“Our review of these files has identified a backup of our student information system database from 2021,” division Supt. Shelley Amos wrote in an email to former students or their parents or guardians.

“Our student database contains information for the previous 10 years. As such, if you were a student at Pembina Trails School Division at any time since 2011, your information was contained in that file.”

Students from the 2014-2024 period were previously notified, the division wrote.

The databases contain students’ names, dates of birth, genders, addresses, parent or guardian contact information, their most recent school photo and their personal health identification number.

Some student files contain health concerns or medical alerts, immigration information or names of former schools.

Pembina Trails, which has about 16,000 students in its 35 schools, said financial information is not stored in the student database.

The email encouraged former students to remain ”extra vigilant” in case they receive scam or phishing calls.

The division has said a database that contains staff payroll information could have been accessed in the Dec. 2 cyberattack.

Pembina Trails has not said how the division’s network was infiltrated.

The division hired outside experts to carry out an investigation into the incident. Some systems were taken offline and gradually restored days or weeks later.

The cyberattack was reported to Winnipeg police and the Manitoba ombudsman.

fpcity@freepress.mb.ca