PowerSchool Data Breach Exposes Student and Educator Information
2025-01-22
Learn about the consequences of data breaches in the education sector and the critical importance of securing customer support portals to protect sensitive information.
In December 2024, PowerSchool, a major provider of education technology solutions, experienced a data breach affecting its Student Information System (SIS) environments. Compromised credentials were used to access the PowerSource customer support portal, leading to the export of sensitive data including personal information of students and educators. PowerSchool has indicated that the data has been deleted and will not be disseminated, hinting at a possible ransomware attack. The breach impacted numerous schools and districts globally, with significant effects in Virginia and California, among other regions. The company is offering two years of free identity theft and credit monitoring services to those affected.
Sensitive Data, Weak or Compromised Credentials, Third-Party Vendor/SaaS
PowerSchool, Data Breach, Student Information System, Ransomware, Education Technology, Identity Theft
N/A
PowerSchool, Student Information System (SIS), PowerSource, K-12 education, Menlo Park City School District, Rancho Santa Fe School District, Toronto District School Board
In December 2024, PowerSchool, a prominent education technology provider, experienced a significant data breach. This incident primarily affected its Student Information System (SIS) environments, accessed through the PowerSource customer support portal. PowerSchool's solutions are widely used for school operations globally, supporting over 18,000 schools and districts and impacting more than 60 million students. The breach was identified on December 28, 2024, and involved unauthorized access to the SIS environments. Compromised credentials were used to infiltrate the PowerSource portal, allowing attackers to export sensitive data. Fortunately, the breach did not disrupt PowerSchool's operations or affect any other products beyond the SIS. PowerSchool has suggested that the stolen data was deleted and will not be disseminated, indicating a possible ransomware attack. This implies that a ransom may have been paid to secure the deletion of the compromised information. The breach led to the exposure of personal information, including names, contact details, dates of birth, medical information, Social Security numbers, and other related data. The company has offered two years of free identity theft and credit monitoring services to individuals impacted by the breach. The breach had a widespread impact on various schools and districts, particularly in Virginia and California. In Virginia, several counties, including Charlottesville, Fluvanna, Richmond, Russell, and Tazewell, reported being affected. In contrast, Fairfax County Public Schools remained unaffected as it does not use PowerSchool SIS. In California, the Menlo Park City School District reported that around 14,000 individuals, including all current students and staff, were affected. Similarly, the Rancho Santa Fe School District notified the California Attorney General's Office about the breach's impact on its students and teachers. The breach also affected numerous schools in Canada, with the Toronto District School Board being among those impacted. PowerSchool initially disclosed the incident to the SIS community on January 7, 2025, and later provided more details. The company emphasized its commitment to safeguarding sensitive information and is taking steps to enhance security measures to prevent future incidents.PowerSchool Data Breach: Key Details and Impact
Breach Overview
Potential Ransomware Involvement
Data Compromised
Impact on Schools and Districts
Response and Remediation
https://www.securityweek.com/students-educators-impacted-by-powerschool-data-breach/