In October of 2021, CDI College experienced a cybersecurity incident where unauthorized third parties gained access to our IT systems, and accessed some of the personal information that was stored on our servers.
Personal information that may have been involved includes:
- Date of birth
- Phone Numbers
- Email Address
- Mailing Addresses
- Academic Records
- BC identity card
- Permanent residence card
- Driver’s license
- Student loan/grant information
- Credit card information
- Employees only - Bank account information
- Employees only - Health benefits information
- Employees only - Tax credit information
- Dental patients who attended the clinic prior to October 2021 - Patient x-rays and related self-disclosed medical conditions (excluding medical charts)
Who Was Impacted?
Information related to our students and staff prior to October 2021 may have been accessed. At this time we are not aware of any misuse of personal information. However, we do continue to encourage everyone to remain vigilant about unsolicited requests for financial or other personal information, and any unauthorized transactions. Information related to students or staff who started with the college after October 2021 was not accessed.
What Can I Do to Protect Myself?
We recommend the following best practices relating to the protection of personal information for individuals:
- Monitor your financial accounts. If you see anything that you do not understand or that looks suspicious, you should call your financial institution.
- Update your online passwords and use complex and unique passwords. Do not use your CDI College username or password for any personal online accounts;
- Be cautious of any unsolicited communications (phone call, email, etc.) that ask for your personal information or refer you to a web page asking for personal information;
- Avoid clicking on links or downloading attachments from suspicious emails; and
- Report any incident to the appropriate authorities if you notice any suspicious activity, including police services or your financial institution.
What Steps Did CDI College Take?
Upon discovering the incident, CDI College immediately took steps to contain any threat (including taking certain systems offline as a precautionary measure), reported the incident to law enforcement, retained cyber security expert KPMG to conduct a comprehensive investigation, and notified our regulators. CDI College has also made substantial changes to its IT infrastructure to enhance its security.
To date, we are not aware of any misuse of personal information.
Have Questions or Want to Speak to Someone?
We apologize for any inconvenience this situation may have caused. If you have additional questions, please contact us at email@example.com. You can also check this page regularly, as we will aim to provide updates about important developments regarding this regrettable situation. Thank you for your understanding.