PowerSchool Was Breached - and Yes, Pennsylvania school districts are impacted!
Did you receive this email from PowerSchool? Dear Valued Customer,
As the Technical Contact for your district or school, we are reaching out to inform you that on December 28, 2024, PowerSchool become aware of a potential cybersecurity incident involving unauthorized access to certain information through one of our community-focused customer support portals, PowerSource. Over the succeeding days, our investigation determined that an unauthorized party gained access to certain PowerSchool Student Information System (“SIS”) customer data using a compromised credential, and we regret to inform you that your data was accessed.
Here is what you need to know and how to proceed!
Link to a guide to check your PowerSchool instance to see if YOUR data was breached: Click here to download our PDF.
Summary: PowerSchool, a leading education software provider for K-12 schools, recently experienced a significant cybersecurity incident. This breach has potentially exposed sensitive personal information of millions of students and teachers across the United States.
What Happened? On December 28, 2024, PowerSchool discovered unauthorized access to its PowerSource customer support portal. The attackers used compromised credentials to gain access and steal data using an "export data manager" tool3. The stolen data primarily includes names and addresses, but for some districts, it also includes Social Security numbers, personally identifiable information, medical information, and grades.
Impact: The breach affects a subset of PowerSchool's over 18,000 customers, supporting more than 60 million students. While PowerSchool has stated that not all customer data was compromised, affected districts are being notified and offered credit monitoring services.
Response: PowerSchool has taken several steps to address the incident. They have changed all passwords, implemented stronger password policies, and engaged third-party cybersecurity experts, including CrowdStrike, to investigate and mitigate the breach. Additionally, PowerSchool paid a ransom to ensure the stolen data was erased.
Next Steps: If you're a parent, teacher, or student, it's important to stay informed about whether your school district was affected. PowerSchool is providing credit monitoring services to affected individuals and has assured that they are taking all necessary steps to prevent further unauthorized access or misuse of the data.
Link to a guide to check your PowerSchool instance to see if YOUR data was breached: Click here to download our PDF.
Conclusion: This incident highlights the importance of robust cybersecurity measures in educational institutions. PowerSchool's swift response and transparency in addressing the breach are commendable, but it serves as a reminder for all organizations to continually evaluate and strengthen their security protocols.
In less than 60 minutes, the TechSperts at STCNtech will hear your technology needs and outline how our security platforms and hardware support plans can increase your security and wrestle with your technology support woes. Don't trust your technology needs to just anyone, talk to the TechSperts and find out how good your IT security and support can be.
Contact us TODAY - 610-910-9347 - online@stcntech.com or click here
Link to a guide to check your PowerSchool instance to see if YOUR data was breached: Click here to download our PDF. Note: information was taken from PowerSchool and Redditt.
תגובות