Cyber Incident Victim: Sooke School District

Date: May 2018

Location: Canada

Summary

The Sooke School District experienced a privacy breach when an external actor compromised a staff member's email account, using it to distribute spam emails containing a malicious link to other employees. Approximately 15 staff members clicked the link, resulting in unauthorized access to their email accounts and the contents within. The district confirmed the incident, characterizing it as a privacy invasion that exposed sensitive communications, and issued warnings to parents regarding the unauthorized data access. Superintendent Jim Cambridge publicly disclosed the compromise, noting the attacker exploited the initial breach to target additional staff through deceptive emails.

Description

On or around May 31, 2018, the Sooke School District in British Columbia disclosed a privacy breach stemming from unauthorized access to a staff member's email account. An external actor compromised the employee's email credentials and used the account to distribute spam messages containing an informational link to other district staff members. Approximately 15 recipients interacted with the malicious link, inadvertently granting the attacker access to their email accounts and the contents within those accounts. The district confirmed the breach occurred when staff clicked the link, though the exact timeframe of initial account compromise remained unspecified in public statements. Superintendent Jim Cambridge publicly acknowledged the incident through a statement reported by BC Local News, characterizing it as a privacy invasion resulting from external hacking activity. The attack vector relied on social engineering through email deception rather than technical system vulnerabilities.

The breach exposed both email account access and stored email contents for at least 16 district staff members – the initially compromised account user plus the 15 who interacted with the malicious link. While the district did not specify whether student or parent data was contained in the breached emails, they proactively issued warnings to parents about potential privacy implications. No evidence suggested broader system infiltration beyond the compromised email accounts. The district's public response focused on breach notification without detailing specific containment measures, forensic findings, or remediation steps taken. Superintendent Cambridge's statement served as the primary official communication channel regarding the incident's nature and scope. The disclosure emphasized the human element in the security lapse, specifically staff members' inadvertent actions in interacting with the malicious content.
