The Toronto District School Board, which is the largest in Canada, had information from students during the 2023/2024 school year exfiltrated following a ransomware attack in June, which the LockBit ransomware operation took responsibility for, The Cyber Express reports.
Attackers compromised TDSB's technology testing environment and obtained access to individuals' names, grades, email addresses, birthdates, school names, and student numbers, said TDSB, which emphasized the "low" data security risk to students as there has been no public exposure of the said information. However, LockBit later threatened to leak the stolen data should TDSB, which is North America's fourth-largest district school board, fail to provide the demanded ransom by September 12. Such a development comes amid a slew of recent cyberattacks against Canada, with retail and pharmacy chain London Drugs and the BC Libraries cooperative being compromised in April. LockBit's disclosure also follows more than a month after a pair of its affiliates pleaded guilty to their involvement in global extortion attacks.
