Students identified as source of teacher data breach

Increased enrolment leaves public school board with $6.1M budget surplus

Students have been identified as the source of the data breach reported Monday night, according to the latest information from Essex County Ontario Provincial Police.

Police were called and teachers were warned to call their bank after a "data breach where personal information of staff was accessed and potentially viewed through a system software vulnerability." 

The potential breach of employee files was identified to be students using a school computer, police explained in a news release issued Tuesday afternoon.

"The school board reported that the involved students have been identified and they do not believe any information was released to any outside source, nor was there any malicious intent by the students involved," the release states. 

An email, sent out to all staff on Monday, stated "at minimum, information that could be viewed includes employee names, address, telephone, birth date, social security and direct deposit information."

Officials did not believe personal information was copied, printed or shared but "the possibility remains that it could have been," according to the email.

The issue came to light when a student told school staff that personal staff information could be viewed through the internal computer network. At least three students were aware of this vulnerability. 

The "software issue" has been rectified and access is no longer available.

Scott Scantlebury, school board spokesperson, would not immediately comment on the matter, saying it was a personnel issue. 

The board has notified the Office of the Information and Privacy Commissioner of Ontario.