Cyber security expert weighs in on data breach at Waterloo public school board
The Waterloo Region District Public School Board has offered few public details about what it’s calling the “cyber incidents” that impacted its IT system, but one cyber security expert says the breach is concerning.
The public school board has said it was targeted by a criminal group, and confirmed data was stolen. The board has not yet outlined what data was taken.
Ali Dehghantanha, a professor of cyber security at the University of Guelph, said since the school board collects a lot of personal information, his biggest worry with the cyber breach is identity theft and that people’s private information could be used for social engineering attacks.
“If I know your kid’s name, your kid’s school, possibly even the marks of your kids, I can probably set up very interesting and sophisticated attacks and steal a lot of information from you,” he said. “Having that private information could give attackers an upper hand.”
Dehghantanha said the impact of identity theft can be long-lasting.
“Imagine I can steal information, like a SIN number from a kid who is not of age yet, keep it for some time until they get to a specific age and then start misusing it. That would be a really, really tough case to investigate.”
However, he said whoever’s information may have been compromised may not have to worry just yet. He suggested keeping a close eye on financial transactions and to be on alert for receiving random calls.
“We don’t know the scale of the information that’s been leaked out or stolen by the attackers, so currently, we are not in a position to give a good fair assessment of the impact of people.”
On Wednesday the school board said it is working to safeguard people’s personal information, but added it could take weeks before the investigation into how this happened and what was stolen is complete.
Dehghantanha said the investigation requires looking into how the attackers got to the information and what they stole.
“Most of these hacking groups are taking actions to remove their footprints,” he said. “That’s why the investigation would be very very complicated.”
He recommends businesses and corporations take the necessary steps to protect themselves from getting hacked, including changing cyber security procedures, and not storing unnecessary personal information.
“Make sure you have a proper data removal, data destruction procedure policy in place,” Dehghantanha said.
As for users, Dehghantanha said it’s best to only use websites that have two-factor authorization.
“If you make that compulsory, it works 200 times better than making your password policy sophisticated.”
The school board said it expects to release more information on the cyber incidents early next week.
CTVNews.ca Top Stories
Trudeau and Harris? Poilievre and Trump? Here's who Canadians think would work best with: survey
As Americans prepare to elect their next president on Tuesday, new data from the Angus Reid Institute suggests Canadians hold differing views as to which federal party leaders would be best suited to deal with either Donald Trump or Kamala Harris.
B.C. port employers launch lockout at terminals in labour dispute with workers
Employers at British Columbia ports say they are going ahead with locking out more than 700 foremen across the province after strike activities from union members began.
Months after VRBO booking, Taylor Swift fan told home 'not available' during Vancouver concert
A frustrated Taylor Swift fan is speaking out after being pushed from a short-term rental she booked for the upcoming Vancouver leg of the superstar’s Eras Tour.
Felonies, assassination attempts and a last-minute change on the ticket leads voters to Tuesday's U.S. election
A campaign that has careened through a felony trial, incumbent being pushed off the ticket and assassination attempts comes down to Election Day on Tuesday.
Measles cases in New Brunswick more than double in three days
A measles outbreak declared in New Brunswick’s Zone 3 last week, which includes Fredericton and the upper Saint John River Valley, has more than doubled since last week.
Prison sentences handed down for sexually abusive London, Ont. parents
In handing down the sentences for two London parents, Justice Thomas Heeney told the court, "The facts of this case were the most egregious that I have encountered during my 26 years on the bench."
She was diagnosed with Type 2 diabetes about a year ago. Here's how her condition was reversed
A year ago, Lorraine O'Quinn was coping with stress, chronic illness and Type 2 diabetes. Then she discovered a health program that she says changed her life.
Surprise swing state? Iowa poll has Harris suddenly leading
Based on victories in the past two elections and polls leading up to Tuesday’s election, Donald Trump had seemed almost certain to win Iowa, but a new poll has Kamala Harris with a sudden three-point lead.
Russia suspected of sending incendiary devices on US- and Canada-bound planes, Wall Street Journal reports
Incendiary devices that ignited in Germany and the United Kingdom in July were part of a covert Russian operation that aimed to start fires aboard cargo and passenger flights heading to the U.S. and Canada, the Wall Street Journal (WSJ) reported Monday, citing Western security officials.