PowerSchool Data Breach What You Need to Know and How It Impacts Students

A data breach at PowerSchool, a popular software provider used by K-12 schools, has affected districts across the United States and beyond. The breach, which was discovered in late December, compromised sensitive information of many students and staff, including Social Security numbers, addresses, birth dates, and more. Schools were not notified about the breach until two weeks after it occurred.

The breach is part of a growing trend of cyberattacks targeting educational institutions. According to the federal government, cyber threats to schools have become an increasingly widespread issue. Between 2016 and 2022, K-12 schools across the U.S. experienced 1,619 cyber incidents, highlighting the growing concern around online security.

Here’s a breakdown of what is known about the recent breach and its impact:

When Did the Breach Happen? Who Was Affected?

The breach began on December 19 and lasted until December 28. Hackers gained unauthorized access to PowerSchool’s platforms, using a remote support tool to access data from several school districts. The exact number of affected districts is still unclear.

PowerSchool serves over 60 million students and more than 18,000 customers across nearly 100 countries, making the scale of the breach particularly significant.

Who Was Behind the Attack?

PowerSchool is collaborating with the Federal Bureau of Investigation (FBI) and cybersecurity firm CrowdStrike to identify those responsible for the breach. As soon as the breach was detected, PowerSchool initiated its cybersecurity protocols and enlisted third-party experts to assist in the investigation.

What Data Was Compromised?

The breach involved various types of sensitive data. For example, Utah Schools for the Deaf and Blind reported that hackers accessed information such as students’ lunch balances, free or reduced meal statuses, locker numbers, and even medical alerts. Fortunately, this school does not store Social Security numbers, so that data was not compromised.

However, other schools were not as fortunate. Randolph Public Schools near Boston reported that the Social Security numbers and birth dates of staff members were accessed during the breach. PowerSchool assured that the stolen data has likely been destroyed, but concerns remain about the impact on affected individuals.

What’s Next?

Despite the breach, PowerSchool has stated that its services remain operational and that there have been no disruptions. The company emphasized its commitment to safeguarding student data privacy and maintaining the security of its applications.

However, some school districts have voiced frustration over the lack of communication from PowerSchool. Officials from the Hurley School District in Wisconsin shared their dissatisfaction on social media, stating that PowerSchool had been in contact with the individual responsible for the data breach and was confident that the stolen data had been destroyed. The district expressed that this information provided little relief, and they continue to press PowerSchool for further answers.

Source: USA Today

Post Comment