我们就PowerSchool数据泄露事件进行了更新，并提供了有关如何申请PowerSchool提供的信用监控和身份保护的详细信息。此次泄露影响了加拿大和美国许多学校董事会。

请仔细查看此信息，了解可能受到的影响，以确定接下来的步骤。

发生了什么？

CBE于2025年1月7日获得PowerSchool的一起涉及PowerSchool应用程序的网络安全事件的通报，该应用程序用于管理学生信息。我们立即展开内部调查，以确定泄露的原因，并评估可能已被泄露的信息。我们继续与PowerSchool合作，以了解此次泄露的范围和程度。

谁受到了影响？

当前和前学生和工作人员的记录已被访问。

学生：此次泄露影响自2018年9月CBE开始使用PowerSchool作为学生信息系统以来曾参与CBE系统的学生。此外，自PowerSchool推出后，也将以往年度的学生数据转入其中，这意味着自2018年9月之前曾参与CBE系统的学生可能也受到影响。

工作人员：此次泄露影响自2018年9月PowerSchool实施以来参与CBE系统的当前和前工作人员。这包括教师、行政人员、承包商和其他将其信息输入PowerSchool的雇员。

我们正在积极努力确定从CBE先前系统导入的工作人员数据，以建立可能受到此次泄露影响的历史工作人员的明确时间线。

受影响的信息有哪些？

尽管我们的调查仍在进行，但我们已经与PowerSchool确认了可能被未经授权的用户访问和获取的PowerSchool中存储的个人信息类型。

工作人员信息包括以下内容：

• 名字
• CBE员工编号
• 学校名称代码
• 学校地址和电话号码
• 部门和/或教学专业
• CBE发放的电子邮件地址
• 在有限情况下，家庭电话号码和家庭地址（如果已输入PowerSchool）。

学生信息包括以下内容：

• 名字
• 家庭地址
• 电话号码
• 出生日期
• 性别
• 成绩
• CBE发放的电子邮件地址
• 阿尔伯塔学生ID号码
• CBE发放的ID编号
• 学校名称或学校代码
• 在某些情况下，医疗信息，如过敏反应、药物、疾病状况、阿尔伯塔医疗保健号码、医生联系信息、录入PowerSchool"开放文本"字段和/或支持中的数据，以及其它在紧急情况下用于与教师和其他学校工作人员交流的监护人警报字段中的信息。

PowerSchool报告称，其不希望被泄露的数据被分享或公开。此外，PowerSchool相信数据已被删除，而未进行进一步复制或传播。尽管如此，CBE仍致力于应对此事件，并正在积极与PowerSchool合作加强保障措施，以防止类似事件再次发生。

未受影响的信息有哪些？

CBE未在PowerSchool中存储以下信息：

• 财务或银行信息
• 出生证明
• 驾照
• 移民文件
• ​警察信息检查信件

信用监控和身份保护​​​​

PowerSchool已委托信用报告机构TransUnion和Experian提供两年的免费身份保护服务，适用于从PowerSchool学生信息系统受到影响的所有学生和员工。对于已成年的人，还提供信用监控服务。

我如何获得PowerSchool提供的身份保护？​​

• 访问 Experian IdentityWorks 网站进行注册
• 提供激活码： MPRT987RFK
• 注册截止日期为 2025年5月30日（此日期的MT时间上午11点后激活码将失效）
• 有关产品的问题或注册帮助，请发送电子邮件至 globalidworks@experian.com 

我如何获得PowerSchool提供的信用监控？​​

PowerSchool为已成年的受影响员工和学生提供信用监控服务。

• 访问 PowerSchool的加拿大信用监控 页面，并单击链接进入验证网站
• 输入名、姓和出生年份
• 如果您的身份验证成功，将弹出提供激活码并提供链接至TransUnion's myTrueIdentity网站进行注册的弹窗

我可以在哪里找到最新信息？​​

最新信息已发布在CBE网站上，如果有更多细节可用，我们将继续更新。您还可以查看PowerSchool网站以获取有关此事件的更新。

如有其他问题，请联系 foip@cbe.ab.ca

​We have an update on the PowerSchool data breach and details about how to enroll in the credit monitoring and identity protection offered by PowerSchool. This breach has impacted many school boards across Canada and the United States.​

Please carefully review this information to understand how you may be affected to help determine your next steps.

W​​​hat Happened?

CBE was informed by PowerSchool on Jan. 7, 2025 of a cybersecurity incident involving the PowerSchool application, which is used for managing student information. We immediately began an internal investigation to determine the cause of the breach and assess what information may have been compromised. We continue to work with PowerSchool to understand the scope and extent of the breach.

Who was Im​​pacted?

Records of both current and former students and staff have been accessed. 

Students: The breach affects students who have been part of the CBE system at any time since September 2018, when CBE began using PowerSchool as its student information system. Additionally, historical student data from prior years was transferred into PowerSchool upon its launch, meaning that students who were part of the CBE system before September 2018 may also be impacted. 

We are actively working to identify the student data imported into PowerSchool from CBE’s prior student information system. 

Staff: The breach affects current and former staff who have been part of the CBE system at any time since September 2018, when PowerSchool was implemented. This includes teachers, administrative personnel, contractors and other employees whose information was entered into PowerSchool. 

We are actively working to identify staff data imported into PowerSchool from CBE’s prior systems to establish a clear timeline of historical staff who may have been impacted by the breach.

What Information was Impacted?

While our investigation continues, we have now confirmed with PowerSchool the types of personal information stored in PowerSchool that may have been accessed and acquired by an unauthorized user.

The staff information includes the following:

• First, middle and last names
• CBE employee numbers
• School name codes
• School addresses and phone numbers
• Department and/or teaching specialty
• CBE issued email addresses
• In limited cases, home phone numbers and home addresses if entered into PowerSchool.
  

The student information includes the following:

• First, middle and last names
• Home address
• Phone numbers
• Date of birth
• Gender
• Grades
• CBE issued email address
• Alberta student ID number
• CBE issued ID number
• School names or school codes
• In some cases, medical information such as allergies, medications, medical conditions, Alberta Health Care number, doctor contact information, data entered into “open text” fields on PowerSchool and/or supports, and information from the Guardian Alert field, used to communicate guardian information to teachers and other school staff in emergencies
  

PowerSchool has reported that it does not expect the compromised data to be shared or made public. Additionally, PowerSchool believes the data has been deleted without any further replication or dissemination. Regardless, the CBE remains committed to addressing this incident and is actively collaborating with PowerSchool to strengthen safeguards and prevent similar occurrences in the future.

What Information was not Impacted?​

CBE does not store the following information in PowerSchool: 

• Financial or banking information
• Birth certificates
• Drivers’ licenses
• Immigration documents
• ​Police information check letters 
  

Credit Monitoring and Identity Protection​​​​

PowerSchool has engaged TransUnion and Experian, trusted credit reporting agencies, to offer two years of complimentary identity protection for all students and staff whose information from the PowerSchool student information system was involved. As well as credit monitoring services, for those who have reached the age of majority.

How can I access identity protection being offered by PowerSchool?​​​

• Visit the Experian IdentityWorks website to enroll
  
• Provide the activation code: MPRT987RFK
• The deadline to enroll is May 30, 2025 (The code will not work after 11 AM MT on this date)
• For questions about the product or help with enrolment, please email globalidworks@experian.com 
  

How can I access credit monitoring being offered by PowerSchool?​​

PowerSchool is offering credit monitoring services to involved staff and students who have reached the age of majority in Alberta.

• Visit PowerSchool's Canada Credit Monitoring page ​and click on the link to the validation website
• Enter your first name, last name and year of birth
• If your identity is validated, a pop up will appear that provides an activation code and provides you a link to TransUnion’s myTrueIdentity site to enroll
  

Where Can I Find the Latest Information?​​

The most up to date information is posted on the CBE website and we will continue to update it if more details become available. You may also check the PowerSchool website for updates on this incident.

Should you have any additional questions, please contact foip@cbe.ab.ca