Contact and social insurance details belonging to some students, employees’ bank account numbers and images of cheques were among the data exposed in a hack against a Winnipeg school division.
Pembina Trails School Division announced some of the findings of its investigation into a December 2024 cybersecurity breach that led to student and staff information being published on the dark web.
The division said personal information belonging to some students who were enrolled at 12 schools between 1999 and 2024 was exposed.
South Pointe School in the Pembina Trails School Division is one of those affected by a December 2024 cybersecurity breach. (John Woods / Free Press files)
The schools are: Acadia, Bairdmore, Crane, Fort Richmond, Oakenwald, Pembina Trails Collegiate, Ralph Maybank, St. Avila, Shaftesbury, South Point, Vincent Massey and Viscount.
Details include students’ names, dates of birth, social insurance numbers, passport numbers, health card numbers, personal health details and disciplinary or behavioural information.
Teachers and other staff who were employed between 2001 and 2024 division-wide were also affected. Names, dates of birth, contact information, provincial health numbers and bank account numbers were breached.
Some social insurance numbers, personal health information and details of disciplinary action were accessed.
Hackers posted images of passport photo pages belonging to two teachers when they tried to sell the stolen data on the dark web last
Pembina Trails School Division cybersecurity rating report: https://www.rankiteo.com/company/pembina-trails-school-division
"id": "PEM1764800555",
"linkid": "pembina-trails-school-division",
"type": "Breach",
"date": "12/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'incident': {'affected_entities': [{'customers_affected': 'Students enrolled '
'between 1999-2024 '
'and staff employed '
'between 2001-2024',
'industry': 'Education',
'location': 'Winnipeg, Canada',
'name': 'Pembina Trails School Division',
'size': None,
'type': 'Educational Institution'},
{'customers_affected': 'Students',
'industry': 'Education',
'location': 'Winnipeg, Canada',
'name': 'Acadia School',
'size': None,
'type': 'School'},
{'customers_affected': 'Students',
'industry': 'Education',
'location': 'Winnipeg, Canada',
'name': 'Bairdmore School',
'size': None,
'type': 'School'},
{'customers_affected': 'Students',
'industry': 'Education',
'location': 'Winnipeg, Canada',
'name': 'Crane School',
'size': None,
'type': 'School'},
{'customers_affected': 'Students',
'industry': 'Education',
'location': 'Winnipeg, Canada',
'name': 'Fort Richmond School',
'size': None,
'type': 'School'},
{'customers_affected': 'Students',
'industry': 'Education',
'location': 'Winnipeg, Canada',
'name': 'Oakenwald School',
'size': None,
'type': 'School'},
{'customers_affected': 'Students',
'industry': 'Education',
'location': 'Winnipeg, Canada',
'name': 'Pembina Trails Collegiate',
'size': None,
'type': 'School'},
{'customers_affected': 'Students',
'industry': 'Education',
'location': 'Winnipeg, Canada',
'name': 'Ralph Maybank School',
'size': None,
'type': 'School'},
{'customers_affected': 'Students',
'industry': 'Education',
'location': 'Winnipeg, Canada',
'name': 'St. Avila School',
'size': None,
'type': 'School'},
{'customers_affected': 'Students',
'industry': 'Education',
'location': 'Winnipeg, Canada',
'name': 'Shaftesbury School',
'size': None,
'type': 'School'},
{'customers_affected': 'Students',
'industry': 'Education',
'location': 'Winnipeg, Canada',
'name': 'South Pointe School',
'size': None,
'type': 'School'},
{'customers_affected': 'Students',
'industry': 'Education',
'location': 'Winnipeg, Canada',
'name': 'Vincent Massey School',
'size': None,
'type': 'School'},
{'customers_affected': 'Students',
'industry': 'Education',
'location': 'Winnipeg, Canada',
'name': 'Viscount School',
'size': None,
'type': 'School'}],
'customer_advisories': 'Public announcement to affected students '
'and staff',
'data_breach': {'data_encryption': None,
'data_exfiltration': 'Yes',
'file_types_exposed': ['Images of passport photo '
'pages',
'Images of cheques'],
'number_of_records_exposed': None,
'personally_identifiable_information': 'Names, '
'dates of '
'birth, '
'social '
'insurance '
'numbers, '
'passport '
'numbers, '
'health '
'card '
'numbers, '
'contact '
'information',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal '
'Identifiable '
'Information',
'Health Information',
'Financial '
'Information',
'Disciplinary '
'Records']},
'date_detected': '2024-12',
'description': 'Contact and social insurance details belonging '
'to some students, employees’ bank account '
'numbers and images of cheques were among the '
'data exposed in a hack against a Winnipeg school '
'division. Personal information belonging to some '
'students and staff was published on the dark '
'web.',
'impact': {'brand_reputation_impact': 'Likely significant',
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': 'Personal and sensitive '
'information of students and '
'staff, including social '
'insurance numbers, passport '
'numbers, health card numbers, '
'bank account numbers, and '
'disciplinary records',
'downtime': None,
'financial_loss': None,
'identity_theft_risk': 'High',
'legal_liabilities': 'Possible',
'operational_impact': None,
'payment_information_risk': 'High',
'revenue_loss': None,
'systems_affected': None},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': 'Yes',
'entry_point': None,
'high_value_targets': None,
'reconnaissance_period': None},
'investigation_status': 'Ongoing',
'motivation': 'Financial Gain',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': None},
'ransomware': {'data_encryption': None,
'data_exfiltration': 'Yes',
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'references': [{'date_accessed': None,
'source': 'CBC News',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': ['PIPEDA',
'Potentially '
'provincial '
'education '
'privacy '
'laws'],
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': 'Public announcement of '
'breach details',
'containment_measures': None,
'enhanced_monitoring': None,
'incident_response_plan_activated': None,
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': None},
'title': 'Pembina Trails School Division Cybersecurity Breach',
'type': 'Data Breach'}}