Cybersecurity experts warn parents after PowerSchool data breach
Posted January 14, 2025 6:54 pm.
Last Updated January 16, 2025 8:30 am.
Students at St. Albert schools are among hundreds in Alberta and across the country who have been affected by a data breach involving their information software.
Experts are now warning parents to be on the lookout.
“What’s scary about this is the amount of information that these attackers could use now that these know so much about you,” explained Ivo Wiens, a cybersecurity expert.
Last week the St. Albert School Division sent out a letter to parents, informing them of a breach involving PowerSchool, an application used to store students’ information.
“Children are particularily vulnerable online and this only makes it worse because somebody could have access to that very personal infromation that belongs to children,” said John Zabiuk, Cybersercuity program chair at NAIT.
The letter says information like students’ names, family names, date of birth, phone numbers and addresses were compromised.
“That’s enough information to really start a false identity,” said Zabiuk.
Cybersecurity experts say with that much information, attackers can use fake social insurance numbers to apply to things like loans and credit cards, now or in the future.
“Let you bank know that this happens so if they received any requests for new cards or anything along those lines that they flag on that account,” said Zabiuk.
One St. Albert parent who didn’t want to be identified told CityNews she was concerned after receiving a notification of suspicious activity on her son’s bank account the same day she knew about the breach. While they are unable to verify if it is related to the PowerSchool breach, experts say similar fraud attempts could likely happen.
“It’s a likely scenario, especially when you’re reusing passwords,” Wiens. “Do not re-use passwords. Do not share passwords.”
PowerSchool confirmed they “took immediate action to cease further unauthorized access to information within the system.” Experts say that’s little reassurance, and parents should still be alert.
“You as a parent could go through and look at the browsing history for your child’s browser’s session, but I’ll stress it’s really important to talk to your kids about this,” said Zabiuk
Wiens adding, “Continue to be careful about phishing emails. And be more vigilant when they’re acting like they know your child’s name. They probably don’t.”
While the Edmonton Public School Board confirmed that they have not been impacted, the Edmonton Catholic School Division is also among those hit by the data breach.
Correction: a previous version of this article incorrectly transcribed a quote about re-using passwords. The word “not” has been added.
