Update on PowerSchool Cyber Incident
We are writing to provide another update on the cyber incident involving PowerSchool’s Student Information System – the application used by Lakehead Public Schools and many school boards across North America to store certain student and staff information.
What Happened
On January 7, 2025, PowerSchool informed Lakehead Public Schools and other school boards throughout the province that that it had experienced a cyber incident affecting Lakehead Public Schools. Since then, we have been working with PowerSchool to determine the precise information that was affected.
What Information Was Affected
We have concluded our analysis and can confirm that limited student and staff information was impacted as part of this incident.
For all students who have been enrolled in Lakehead Public Schools since the 2015-2016 school year, the information includes:
- Name, Gender, Date of Birth, Ontario Education Number, Student Number, Home and/or Mailing Address; most recent school enrolled, most recent homeroom class name, enrollment arrival and departure dates, and expected graduation dates; guardian and emergency contact names and phone numbers, doctor’s name and phone number.
- For a small amount of students from other school boards who participated in eLearning courses offered by Lakehead Public Schools, the same data was also affected.
For some students the following additional information was also affected:
- Medical alert notes, guardianship notes related to custodial arrangements, notes regarding reasons for transferring between schools.
With respect to medical alert information, if you provided information to your child’s school about your child’s allergies, medical conditions or injuries when completing the start of school year forms, this information was included in the data that may have been accessed or acquired. Please note that medical information provided to members of Lakehead Public Schools’ Student Support team (e.g. Psychologists, Occupational Therapists, Physiotherapists, Audiologists, Speech-Language Pathologists, and Social Workers) was not impacted by this incident.
This incident did not result in the compromise of any of the following information:
- Financial information, health assessment information, medical records, student academic grades, IEPs, or accommodations.
For all Educators and Administrative staff with PowerSchool SIS or PowerTeacher accounts who have worked in Lakehead Public Schools since the 2020-2021 school year, the information affected includes:
- Name, staff number, main school location, board e-mail address.
For some staff the following additional information was also affected:
- Home address, phone number, high-school department, main classroom number.
- Staff without a PowerSchool SIS or PowerTeacher account were not impacted (e.g. Support Staff such as Custodial staff, Maintenance staff, Student Support Professionals, and Lunchroom supervisors).
We have also prepared an FAQ regarding this incident, and we encourage you to visit that here: www.lakeheadschools.ca/psinfo.
You can also find an FAQ from PowerSchool here: www.powerschool.com/security/sis-incident
Lakehead Public Schools has reported this incident to the Office of the Information and Privacy Commissioner of Ontario (IPC), and the IPC has opened an investigation file. While you are entitled to file a complaint, the IPC has advised that it is not necessary as they are already investigating the matter. For more information about this process, you can visit the IPC’s website at www.ipc.on.ca.
If you wish to have more information about this incident, we invite you to contact us at psinfo@lakeheadschools.ca. Please understand that those who contact Lakehead Public Schools regarding this incident will need to verify their identity before we can release information about the specific impact to their information.
We appreciate your patience and understanding at this time, and sincerely regret any concern this has caused you.
