Dear OC community,
Thank you for your continued support through the past few weeks. We recognize that there are many questions circulating and are making every effort to share information as it is confirmed through the ongoing and active investigation. Below are questions and answers addressing where we are today.
Okanagan College will continue to provide updates as we are able, with a focus on prioritizing our community’s safety and security.
President, Okanagan College
Was it ransomware?
It would be more accurate to call the incident a double extortion attack.
It is now abundantly clear that the intended purpose of the attack was to both steal data and encrypt our IT infrastructure to extort the college. Unfortunately, this type of attack is extremely common, and these particular hackers specifically target education institutions.
Why didn’t you tell us earlier that it was ransomware?
We disclosed pertinent information as it became available, and we notified current students and staff as soon as it became clear that personal information may have been exposed to risk.
It is important to remember that we are still actively responding to and investigating the incident, and we don’t yet have a complete picture of the events. The recovery and investigation process will likely take several months to complete.
How much was the ransom? Why didn’t you just pay it to protect students and staff?
We did not entertain conversations about paying a ransom. Regardless of the amount, even if we had paid a ransom, there still would have been no way to be absolutely certain that it would have resulted in the destruction or even non-publication of any stolen or compromised data.
Where is the compromised data posted? Can I check to see if data belonging to me was posted?
Data that appears to belong to Okanagan College and its stakeholders has been posted on a dark website belonging to a criminal organization. The site cannot be found using normal search engines and you would need a special type of browser to access the site.
We do not recommend that you attempt to find or access the data. The data was posted by hackers, and there is no guarantee that the data is safe to view and has not been infected with malware intended to cause additional harm.
Will you tell me exactly what information belonging me to was compromised?
No. It will take forensic investigators several weeks if not months to process the data, and they will need to review each file line-by-line. As per our notification on January 23, current students and staff should work under the assumption that any personal information provided to the college was subject to risk, and act accordingly. If you haven’t already done so, we strongly encourage you to take advantage of the credit monitoring solution we are providing.
I can see data online, why can’t you?
We are working with cybersecurity professionals who will be evaluating the data. We do not recommend that you attempt to find or access the data. The data was posted by hackers, and there is no guarantee that the data is safe to view and has not been infected with malware intended to cause additional harm.
Support for students and staff
If you need support:
Students can access a wide range of support through Student Services, including Counselling Services. To book a counselling appointment, visit this page. Students can also access mental health support 24/7 through the Province of BC’s Here2Talk page.
Employees can access support, including Counselling and other online services, through the College’s EFAP (Employee and Family Assistance Program) Homewood Health. Log into your Homeweb account at www.homeweb.ca or download the mobile app at www.homeweb.ca/app. More information is available at www.okanagan.bc.ca/efap. If you have any questions, please reach out to your Pension & Benefits Coordinators at: [email protected].
For additional information about the Cyber-Incident and Network Updates, see: https://www.okanagan.bc.ca/cyber-incident-and-network-updates