Data breach hacks hole in UCDSB budget

April 17, 2025 Phillip Blancher – Local Journalism Initiative Reporter News

BROCKVILLE – A cyber attack which compromised the data of tens of thousands of current and former students, staff, and donors of the Upper Canada District School Board now has a price tag – approximately $3 million.

Trustees learned of the financial impact of the January 2025 hack on the school board at their April 9 meeting.

Executive Superintendent of Business Jeremy Hobbs presented a third financial outlook for the 2024-25 school year, which reported the board was pushed into a compliance deficit of $500,000 for the year.

“That’s primarily driven by the cyber incident, about $3 million dollars,” Hobbs told the board. The expenses included the immediate response to the January 5 incident, consulting fees, restoring services, and adding further security measures.

“That $3 million is offset by other places in the organization where we’re expecting lesser expenses,” he continued. Those reduced expenses left about $1.3 million to be covered by the operational surplus/deficit.

In early January, school board internet services were shut down for several weeks following a cyber attack. Through subsequent investigations by the board and consultants it retained, the UCDSB announced a significant breach of student, employee, and donor data going as far back as 1998. The board has deemed the breach not a significant exposure for identity theft or other issues, but has offered credit monitoring services for some of those affected for two years.

Computer networks and internet access for the nearly 28,000 students and 4,000 staff were eventually restored by late February.

Hobbs continued that the board was in comfortable shape to carry the deficit. By law, Ontario school boards must stay within one per cent of its operating budget for any year-to-year deficits or surpluses. For the UCDSB, that amount is approximately $4.1 million in 2024-25.

The cyber attack on the UCDSB happened around the same time as many school boards across Canada and the United States were hit with a breach at software provider PowerSchool. The UCDSB is a customer of PowerSchool, but the attack is not related to that company’s data breach.

Discover more from Morrisburg Leader

Subscribe to get the latest posts sent to your email.

Since you’re here…

… Thanks for reading this article. Local news is important. We hope that you continue to support local news in your community by reading The Leader, online and in print. Please consider subscribing to the print edition of the newspaper. Click here to subscribe today.

Subscribe to Email Alerts

Enter your email address to subscribe to Email Alerts and receive notifications of new posts by email whenever The Leader publishes new content on our website.