PowerSchool, a major education technology provider, revealed that a recent cyberattack resulted in comprehensive data theft affecting current and former students and teachers across multiple school districts.
The breach, which occurred in late December 2024, saw unauthorized actors using stolen credentials to access PowerSchool's Student Information System (SIS) platform. The attackers exploited the "export data manager" support tool to extract extensive database information into CSV files.
The stolen data included names, addresses, and in certain districts, Social Security numbers, personal identification details, medical records, and academic grades. Multiple affected organizations have now confirmed the extensive scope of the breach.
Two school districts, speaking anonymously, reported that the hackers accessed "troves of personal data" including complete historical records of all students and teachers. Menlo Park City School District acknowledged similar historical data theft, while Rancho Santa Fe School District filed an official data breach notice.
RootED Solutions, an educational technology consulting firm based in Boston, highlighted that the breach impacts not only current PowerSchool clients but also school districts that previously used their services.
While PowerSchool has not disclosed the total number of affected schools, the company confirmed this was not a ransomware attack. However, they did make a payment to the attackers in exchange for data deletion.
The incident raises serious concerns about data security in educational technology systems and the long-term implications of storing sensitive student and teacher information.