The Pembina Trails School Division (PTSD) has confirmed that a backup of its 2021 student database has surfaced on the dark web, containing sensitive information on students spanning the last decade.
According to a letter sent to affected families, the leaked data includes names, dates of birth, gender, school photos, parent contact details, and personal health identification numbers. In some cases, the records go further, revealing health concerns, immigration status, and previous educational institutions attended.
While the breach does not involve financial information, the scope of personal data is extensive. “If you were a student at Pembina Trails School Division at any time since 2011, your information was likely included in the compromised file,” the letter states.
This breach appears to be connected to a cybersecurity incident first disclosed in December 2024. Since then, the school division has engaged third-party cybersecurity specialists to conduct a full investigation. Law enforcement and the Manitoba Ombudsman have been notified, and outreach to current and former students is ongoing.
The division expressed deep regret over the breach and urged its community to stay alert for possible phishing attempts or scam calls. They emphasized that attackers may attempt to exploit concerns through social engineering tactics.
As investigations continue, the incident adds to growing concerns over data security within educational institutions, which are increasingly becoming targets of cybercrime.
