Data related to students at NWT schools was part of a far wider breach involving a piece of software named PowerSchool, the territorial government said.
PowerSchool is used by K-12 schools across the NWT, Canada and the world.
Late last year, the company has said, someone used a set of credentials to log in to the system and export student information related to a huge number of schools.
The global scale of that breach has become gradually more apparent through a series of news articles over the past two weeks.
Reports suggest the company subsequently paid the hacker to have the data deleted, though the extent to which such a deletion can be reliably verified is unclear.
Advertisement.
Advertisement.
In a Thursday evening news release, the NWT government confirmed some of its education bodies were affected.
The GNWT said data related to the Beaufort Delta Division Education Council, Dehcho Divisional Education Council, South Slave Divisional Education Council, Yellowknife Catholic Schools, and Yellowknife Education District No 1 was accessed by the attacker.
The attack happened within PowerSchool’s software and didn’t involve any aspect of the GNWT’s network, the territory added.
“The breach impacts information stored within the software, including personal identifiable information such as names, mailing addresses, phone numbers, and email addresses for students, parent/guardians, and teachers, as well as student medical information,” the territorial government stated.
“The Office of the Chief Information Officer is leading an analysis and investigation within the NWT. Staff and students within the impacted education bodies will receive information directly from their education body as well as updates as more information becomes available.”
Some experts have said student data can be valuable to hackers as the information could be used to create artificial social insurance numbers for the likes of credit applications.
