Cybersecurity Incident Updates | Hanover School Division

PowerSchool Breach

On January 7, 2025, the Hanover School Division was notified by our student information system (SIS) provider, PowerSchool, that a cybersecurity event had occurred in late December and that some of our PowerSchool data was accessed.

Communications

FREQUENTLY ASKED QUESTIONS (FAQ)

Updated Feb. 6, 2025

The incident

1. What happened?
On January 7, 2025, PowerSchool informed the Hanover School Division that it had experienced a cybersecurity incident involving unauthorized access to certain customer information in late December 2024. Hanover School Division is a customer of PowerSchool, like many other educational institutions across North America. PowerSchool provides a Student Information System (SIS).

PowerSchool also informed us that the unauthorized access included access to information related to the Hanover School Division. PowerSchool will be notifying individuals by email and we understand the email will be sent from ps-sis-incident@mail.csid.com. We understand these emails will be sent by PowerSchool in the coming weeks.

IMPORTANT: PowerSchool’s notification may indicate that your Social Insurance Number was exposed, but we wish to clarify that this is not the case. Rather, our Division stored alternate data in the Social Insurance Number field—specifically the 9-digit Manitoba Education and Training Number (MET), which is a unique student ID that the province creates for each student who enrolls in a Manitoba public school. As noted in our previous correspondence, we can advise that no parent/guardian, staff, or student Social Insurance Number (SIN), banking, or credit card information has been identified as stored in our SIS.

Whether or not you receive an email, you may also visit PowerSchool’s website to learn how to activate the identity protection and/or credit monitoring services. Anyone, including those under 18, can utilize the identity protection services. You may not be able to access the credit monitoring services immediately, as PowerSchool is still updating its list of eligible individuals. PowerSchool indicated that its updates should be completed by the end of February. PowerSchool has advised that you can call 833-918-7884 if you have any questions.

We have been informed that PowerSchool has contained the incident and that there is no evidence of malware or continued unauthorized activity in the PowerSchool environment. There have been no operational impacts on the Hanover School Division as a result of this incident.

2. Who did this and for what purpose?
This incident occurred at PowerSchool. We await additional details about the incident from PowerSchool. Unfortunately, organizations across the public and private sectors are increasingly being impacted by incidents like this.

3. How did you respond to the incident?

Upon becoming aware of the cybersecurity incident, The Hanover School Division has been working diligently to investigate, to request more details from PowerSchool and ask questions about the details it has provided to date. We have also been investigating this incident ourselves, with assistance from experts. We continue to work diligently to request more details from PowerSchool and ask questions about the details it has provided to date.

PowerSchool has informed us that it has taken various response actions, including containing the incident, informing law enforcement, investigating the incident, conducting a full internal password reset, and tightening password for all its internal accounts.

PowerSchool is in the process of notifying Canadian regulators about this incident. The Hanover School Division has already notified the Manitoba Ombudsman.

PowerSchool will be notifying individuals by email and we understand the email will be sent from ps-sis-incident@mail.csid.com. We understand these emails will be sent by PowerSchool in the coming weeks.

4. How long will the investigation take?
PowerSchool has advised it intends to provide additional details shortly. Once we have additional details from PowerSchool, we will seek to complete our investigation as quickly as possible.

5. Has the incident been resolved?
We have been informed that PowerSchool has contained the incident and that there is no evidence of malware or continued unauthorized activity in the PowerSchool environment. There have been no operational impacts on the Hanover School Division as a result of this incident.

The response

6. Has law enforcement been notified?
Yes, PowerSchool has advised us that it has notified law enforcement.

7. Has the Manitoba Ombudsman been advised?
Yes, the Manitoba Ombudsman has been advised.

The impact

8. Why did this happen to the Hanover School Division?
PowerSchool is a vendor used by many educational institutions in North America. We are a customer of PowerSchool and, as a result of the incident experienced by PowerSchool, we were impacted. We have no reason to believe that Hanover School Division was a specific target in this incident.

The data

9. Has information been accessed? Was information from the Hanover School Division exposed?
PowerSchool confirmed that there was unauthorized access to certain PowerSchool customer data, including data related to the Hanover School Division. PowerSchool’s investigation is ongoing and we await additional details from PowerSchool.

Based on our own investigation to date of the information stored in our SIS, we can advise that no parent/guardian, staff, or student Social Insurance Number (SIN), banking, or credit card information has been identified as stored in our SIS . PowerSchool has nevertheless advised us that the identity protection and credit monitoring offers mentioned above will be sent to all individuals with any information involved.

Feb 27	Admin/PD Day (No Classes)
Feb 28	Admin/PD Day (No Classes)
Mar 4	HSD Board Meeting (Public)