Cyber security expert weighs in on data breach at Waterloo public school board
Cyber security expert weighs in on data breach at Waterloo public school board
The Waterloo Region District Public School Board has offered few public details about what it’s calling the “cyber incidents” that impacted its IT system, but one cyber security expert says the breach is concerning.
The public school board has said it was targeted by a criminal group, and confirmed data was stolen. The board has not yet outlined what data was taken.
Ali Dehghantanha, a professor of cyber security at the University of Guelph, said since the school board collects a lot of personal information, his biggest worry with the cyber breach is identity theft and that people’s private information could be used for social engineering attacks.
“If I know your kid’s name, your kid’s school, possibly even the marks of your kids, I can probably set up very interesting and sophisticated attacks and steal a lot of information from you,” he said. “Having that private information could give attackers an upper hand.”
Dehghantanha said the impact of identity theft can be long-lasting.
“Imagine I can steal information, like a SIN number from a kid who is not of age yet, keep it for some time until they get to a specific age and then start misusing it. That would be a really, really tough case to investigate.”
However, he said whoever’s information may have been compromised may not have to worry just yet. He suggested keeping a close eye on financial transactions and to be on alert for receiving random calls.
“We don’t know the scale of the information that’s been leaked out or stolen by the attackers, so currently, we are not in a position to give a good fair assessment of the impact of people.”
On Wednesday the school board said it is working to safeguard people’s personal information, but added it could take weeks before the investigation into how this happened and what was stolen is complete.
Dehghantanha said the investigation requires looking into how the attackers got to the information and what they stole.
“Most of these hacking groups are taking actions to remove their footprints,” he said. “That’s why the investigation would be very very complicated.”
He recommends businesses and corporations take the necessary steps to protect themselves from getting hacked, including changing cyber security procedures, and not storing unnecessary personal information.
“Make sure you have a proper data removal, data destruction procedure policy in place,” Dehghantanha said.
As for users, Dehghantanha said it’s best to only use websites that have two-factor authorization.
“If you make that compulsory, it works 200 times better than making your password policy sophisticated.”
The school board said it expects to release more information on the cyber incidents early next week.
CTVNews.ca Top Stories
Air Canada denying passenger compensation claims for staff shortages, citing safety
Air Canada denied a customer complaint and instructed employees to classify flight cancellations caused by staff shortages as a "safety" problem, which would exclude travellers from compensation under federal regulations. That policy remains in place.

BREAKING | Montreal Pride parade cancelled hours before event due to lack of volunteers
Montreal's Pride Parade has been cancelled due to a lack of volunteers able to guarantee a secure event.
'Amanda got justice': Dutch man accused in B.C. teen sextortion case found guilty on all charges
A Dutch man accused of tormenting British Columbia teen Amanda Todd via online threats has been found guilty of all charges he faced in connection with the case, a jury ruled on Saturday.
Help on the way for central Newfoundland fire Premier says is largest since 1961
The rapid growth of a long-burning forest fire in central Newfoundland has triggered a state of emergency in the area and prompted the province's Premier to urge some nearby communities to prepare for possible evacuation.
Hundreds forced out of their homes as Okanagan wildfire rages on in B.C.
An evacuation order remains in effect in Olalla, a community just north of Keremeos, B.C., as a wildfire classified as 'out of control' continues to grow, impacting nearby residents.
Best time to see the Perseids meteor shower could be this weekend
While the peak of the Perseids meteor shower, one of the brightest of the year, may be next week, now may be the best time to see the astronomical event, according to The Weather Network.
Ottawa on track to spend $200M per year on cannabis for veterans
Ottawa is reimbursing a record number of veterans for medical marijuana, with new figures showing the federal government shelled out more than $150 million in the last fiscal year -- more than double the amount just three years ago.
Actress Anne Heche has 'long recovery ahead' after car crash
Anne Heche remains hospitalized and in intensive care after a car she was driving crashed into a residence in Los Angeles on Friday and became engulfed in flames.
Ottawa's Montfort Hospital closing ER for second night
The Montfort Hospital ER will be closed between 7:30 p.m. and 7:30 a.m., forcing residents in the east end needing emergency care to travel eight kilometres to the Ottawa Hospital General Campus.