Prairie Rose Public Schools say they are among the few not impacted by a data breach. Eli J. Ridder/CHAT News

By CHAT News Staff, Canadian Press

EDUCATION

Medicine Hat public, Catholic schools impacted by now-resolved global data breach

Jan 9, 2025 | 3:40 PM

Medicine Hat’s public and Catholic school divisions said Thursday they were among those affected by a data breach involving software used by the education sector globally to store student information that has now been resolved.

Prairie Rose School Division, however, said it was spared.

School boards across the country said there was a “cyber incident” targeting PowerSchool, a third-party application that’s also used to store some school-based staff information, between Dec. 22 and 28.

The security issue has been resolved and PowerSchool systems are operating securely once again, the two school divisions said in statements Thursday afternoon.

The Medicine Hat Public School Division said in a statement there wasn’t any financial information involved in the breach.

BUSINESS

Canada flag a symbol of 'solidarity' for business in Medicine Hat amid tariff threats

5h ago

IN THE COMMUNITY

'Community Vibrancy' and other grants open for application in Medicine Hat

10h ago

IN THE COMMUNITY

Service dog company looking for volunteers in Medicine Hat

Jan 10, 2025

PowerSchool also told the division that data accessed by an unauthorized user was deleted and no copies were kept or shared.

The public and Catholic divisions both said that strengthened security measures have been put in place to prevent further hacks.

PowerSchool informed Prairie Rose administrators that a “forensic investigation” confirmed the division’s data was not impacted.

“Our tech team has also reviewed our access records and feels our data was not accessed through the cyberattack,” Prairie Rose communications director Angela Baron said in a statement to CHAT News.

“As one of the few who were not impacted, we have been asked to provide information regarding our PowerSchool set up and security to help them with their investigation. We do have a few theories at this point, which have been passed along to the authorities.”

PowerSchool, a U.S.-based provider of cloud software, says in a statement it has taken “all appropriate steps” to prevent further unauthorized access or misuse of the affected data. The company said the incident is “contained,” and it does not anticipate the data will be shared or made public.

Edmonton Catholic Schools posted a letter online that it received from PowerSchool.

“Our investigation determined that an unauthorized party gained access to certain PowerSchool Student Information System customer data using a compromised credential, and we regret to inform you that your data was accessed,” the letter said.

PowerSchool said it is providing services to its customers as usual as it continues to investigate the data breach.

“We take our responsibility to protect student data privacy and act responsibly as data processors extremely seriously,” it said in its statement.