Tech problems persist 26 days after Regina Public Schools was hit by a cybersecurity attack, teachers say.
The school division took its systems offline after the May 22 attack. Last month, CBC News reviewed a copy of a note from an organization called BlackCat/ALPHV, which experts say is well known for employing ransomware attacks.
The note alleges that 500 gigabytes of files belonging to RPS have been encrypted, and that the group now possesses copies of data ranging from tax reports and health information to passports and social insurance numbers.
Internet has only partially been restored at RPS since the attack. CBC News spoke with four teachers at four different schools who say they don't have access to the main network that all teachers' laptops use.
Among other things, they can't access any of their emails from before the hack, or the RPS website, and printing is much harder. Teachers have had to hotspot wifi from their cellphones.
CBC has chosen not to name the teachers, as they weren't authorized to speak publicly about the issue.
The student Wi-Fi network is the only one of three networks that has been reconnected.
One teacher described it as an "unsettling feeling of being disconnected at work."
Teachers also can't access the staff shared drive. "I know many folks kept a great deal of resources on there," a teacher said.
"I have a couple of colleagues that have lost multiple years of material, and there doesn't really seem to be a clear timeline if or when that stuff will ever come back."
Hackers took staff personal information
Teachers say the school division has told them that the hackers were able to garner access to basic personal information of staff members on the payroll, including addresses and names.
"We have been assured that there's been no pressing personal information taken," a teacher said.
Payroll is on a separate server.
I have a couple of colleagues that have lost multiple years of material, and there doesn't really seem to be a clear timeline if or when that stuff will ever come back. - Regina Public Schools teacher
"We've been assured that they wouldn't have, like, social insurance numbers or any type of banking information," the teacher said.
However, the school board cautioned that if hackers have personal information, they could potentially find their way into teachers' banking information, the teachers added.
On Wednesday, teachers received an email, obtained by CBC News, that RPS is making a credit monitoring service available to all staff.
"We have no indication that employees' personal identifiable information has been compromised, and this service is intended to provide our team members with added peace of mind about the integrity of their personal information," the email says.
Teachers say they have access to the grading system, which is on an outside server. They know they'll be able to finish up their report cards, but don't have any word on whether they can print them or send them home. However, parents can see their children's grades online using Edsby.
Most applications to resume by Friday: board
RPS says it won't comment further on the cyberattack as it's still working through the process to return all its systems.
"With respect to in-school learning, while there are some inconveniences, teaching and other school-based staff have the resources that they need to complete the school year," supervisor of communications Terry Lazarou wrote.
The board expects most applications and user-facing systems to resume by Friday, according to Lazarou.
Shawn Davidson, president of the Saskatchewan School Boards Association, says cybersecurity is an evolving issue for school divisions.
"Partners in Saskatchewan's education sector, including school boards, continue to work collaboratively on cybersecurity," he wrote in a statement.