" " Skip To Main Content

Logo Image

PowerSchool Cybersecurity Incident

Pickering College takes the privacy and security of our students and staff seriously. In this regard, in December 2024, a cybersecurity incident involving PowerSchool occurred, which affected the personal information of certain members of our community. The purpose of this notice is to inform individuals associated with Pickering College about the potential impact this incident may have had on their personal information, the measures they can take to protect their personal information, and the steps that have been implemented to safeguard it.

As of February 14, 2025, all affected constituents have been contacted by email or by letter mail.

What happened?

On January 7, 2025, Pickering College was informed by PowerSchool of a cybersecurity incident that occurred between December 21, 2024 and December 28, 2024, involving unauthorized access to certain data of PowerSchool Student Information System (SIS) – a platform we, and many other schools in North America use to store student and staff information. Unfortunately, PowerSchool has confirmed that this data includes personal information pertaining to some individuals within our community.

What actions were taken?

PowerSchool has assured us that they have strengthened their security measures, including enhanced password policies. Furthermore, they have confirmed that the incident has been contained, with no evidence of malware or ongoing unauthorized activity within the PowerSchool environment. PowerSchool has informed us that they have taken all necessary measures to prevent any further unauthorized access or misuse of the affected personal information. They do not anticipate the data being shared or made public, and they believe it has been deleted with no further replication or dissemination.

Pickering College remains fully committed to safeguarding your information and will work diligently to ensure that all necessary protections are in place. Furthermore, Pickering College has notified and is working with the Ontario Information and Privacy Commissioner (IPC) in responding to this incident. You can visit their website at www.ipc.on.cawww.ipc.on.ca.

PowerSchool is offering two years of complimentary identity protection services, provided by Experian, to students and educators whose information was involved. For involved students and educators who have reached the age of majority, in addition to Experian’s identity protection services, PowerSchool is also offering two years of complimentary credit monitoring services provided by TransUnion. Visit their website for more information: https://www.powerschool.com/security/sis-incident/notice-of-canada-data-breach/

You may receive a separate message from PowerSchool in addition to this notice. In the meantime, we encourage you to visit https://www.powerschool.com/security/sis-incident/ for up-to-date information on the incident.

What you can do?

  • If applicable, enroll in the Identity Protection and Credit Monitoring Services that will be offered to you by PowerSchool.
  • If you receive emails, letters, telephone calls or text messages purporting to be from us asking for financial or any other personal information that you were not expecting, please consider the communication to be fraudulent, and contact us to confirm its authenticity.
  • Remain vigilant of any phishing or spoofing attempts. Spoofing is an impersonation tactic used in phishing campaigns to deceive individuals into thinking that a communication, either a letter or email, came from a trusted source and to leverage that to obtain further information or defraud the recipient.
  • Avoid clicking on links or downloading attachments from suspicious emails.

Additional tips and resources for protecting your identity are available at: https://www.priv.gc.ca/en/privacy-topics/identities/identity-theft/guide_idt/.

If you have any questions, please feel free to contact me at privacyofficer@pickeringcollege.on.ca

Thank you for your understanding.