Software company Powerschool experienced a data breach affecting schools across the U.S., where many students’ personal information was stolen.
December 19th through 28th, over winter break, a large data breach took place where hackers hijacked social security numbers, names, addresses, birthdates, grades, and medical records of students.
Powerschool notified their customers, by sending out the following message.
“As a main point of contact for your school district, we are reaching out to make you aware that on December 28, 2024 PowerSchool became aware of a potential cybersecurity incident involving unauthorized access to certain information through one of our community-focused customer support portals,” the company wrote.
School districts in California, Ohio, Massachusits, Maryland, and New Jersey were some of the states affected by this data breach. The data taken varies from district to district depending on the student data they store. In Boston’s Randolph Public Schools (RPS) social security numbers were obtained, while New Jersy’s Bridgewater-Raritan Regional School District’s (BRRSD) breach involved student addresses and names, but social security numbers were not obtained.
FCPS has not been affected by the breach, according to an FCPS spokesperson.
“The data breach is with PowerSchool SIS. FCPS does not use PowerSchool SIS,” Spokesperson Julie Allen said.
Currently, Michelle Reid, the FCPS superintendent has not spoken on the Powerschool data breach.
Information on the hackers have not been released so far, and the FBI is currently investigating who the perpetrators may be. A possible motive for the hackers may be to extort Powerschool for money.
Schools are often involved in data breaches due to their weak cybersecurity and sensitive student data that is stored.
Powerschool hired CyberSteward, a company that specializes in cybersecurity attacks, after the incident. With the companies’ help, Powerschool was able to pay the hackers in order for the student data to be deleted.
The Powerschool data breach is one of thousands that have affected the school districts across the country. Without stronger cybersecurity, many schools will continue to be vulnerable to data breaches like this one.
