CKWS reports:
In February the Limestone District School Board launched an investigation after thousands of documents containing personal information including social insurance numbers, addresses, banking and beneficiary information was discovered by a student using a computer at a local school. The records involved both past and present staff dating back to 2001, some 5 thousand people in total.
“As soon as the board learned of this breach of information it immediately shut down our system and contained all of our information and then did an immediate review of our security protocols.”
Read more on CKWS.
TL;DR Folder permissions had been set incorrectly.