PowerSchool Starts Notifying Victims of Massive Data Breach
Summary:
In December, 2024, PowerSchool, a K-12 cloud-based software provider serving over 60 million students and 18,000 customers worldwide, experienced a breach where attackers were able to gain unauthorized access to its customer support portal, PowerSource. Sensitive data from 6,505 school districts was allegedly stolen, including personal information such as names, addresses, contact details, Social Security numbers, medical records, and grades. Although PowerSchool stated the breach affected only a subset of customers, the threat actor allegedly behind the attack claimed to have exfiltrated data on 62.5 million students and 9.5 million teachers, suggesting the breach was far more extension.
Security Officer Comments:
The exact number of impacted individuals has yet to be reported by PowerSchool. However, this includes current and former students, if applicable, their parents and guardians, and also educators in the U.S., Canada, and abroad. PowerSchool states that it has not experienced any operational disruptions, nor does it have evidence to conclude that other PowerSchool products were affected due to the attack. The software provider is currently working with cybersecurity professionals and law enforcement to determine the full scope of the attack.
Suggested Corrections:
With PII data being potentially stolen by the adversaries, this data could be further used to conduct targeted phishing attacks, social engineer impacted victims, and commit identity fraud. PowerSchool says it has reached out to the impacted individuals and is offering two years of complimentary identity protection services for all students and educators whose information was involved. It is also offering two years of complimentary credit monitoring services for all students who have reached the age of majority and educators whose information was involved.
Link(s):
https://www.powerschool.com/security/sis-incident/
In December, 2024, PowerSchool, a K-12 cloud-based software provider serving over 60 million students and 18,000 customers worldwide, experienced a breach where attackers were able to gain unauthorized access to its customer support portal, PowerSource. Sensitive data from 6,505 school districts was allegedly stolen, including personal information such as names, addresses, contact details, Social Security numbers, medical records, and grades. Although PowerSchool stated the breach affected only a subset of customers, the threat actor allegedly behind the attack claimed to have exfiltrated data on 62.5 million students and 9.5 million teachers, suggesting the breach was far more extension.
Security Officer Comments:
The exact number of impacted individuals has yet to be reported by PowerSchool. However, this includes current and former students, if applicable, their parents and guardians, and also educators in the U.S., Canada, and abroad. PowerSchool states that it has not experienced any operational disruptions, nor does it have evidence to conclude that other PowerSchool products were affected due to the attack. The software provider is currently working with cybersecurity professionals and law enforcement to determine the full scope of the attack.
Suggested Corrections:
With PII data being potentially stolen by the adversaries, this data could be further used to conduct targeted phishing attacks, social engineer impacted victims, and commit identity fraud. PowerSchool says it has reached out to the impacted individuals and is offering two years of complimentary identity protection services for all students and educators whose information was involved. It is also offering two years of complimentary credit monitoring services for all students who have reached the age of majority and educators whose information was involved.
Link(s):
https://www.powerschool.com/security/sis-incident/