Cybersecurity attack on PowerSchool exposes personal data of students and staff

An “unauthorized party” breached the network on December 28

Cyberattack on PowerSchool

On January 7, 2025, PowerSchool, a company that provides cloud-based student information systems, announced that a cyberattack had been made on it, which caused a big data leak. A fault in its cloud infrastructure is the main issue, which is used by over 55 million students and 17,000 educational customers in more than 90 countries.

That very same day, the company wrote a letter telling their costumers the story of the breach and also offering them solutions and explanation of the ongoing inquiry and efforts.

Cybercriminals found a way to infiltrate the websites of PowerSchool’s cloud-based platform, the one that is used by so many educational institutions all over the world. By doing so, they got hold of some critical information.

It can also be the case that they have gained access to such personal information as the addresses and other ID details or even stolen academic and professional records. All the same, the company is still valuating the whole extent of the breach, moreover privacy is the most violated of all due to the breach.

The PowerSchool systems are helping in a large number of educational activities, however, the breach brought the security of students and employees' data in question. In its letter to the clients, the company made it clear that it continues to be absorbed in the attempt to grasp what damages the accessible information could cause and take preventive measures to curb them.

In response to the breach, PowerSchool took immediate action, including deactivating the compromised credential, resetting passwords, and enhancing access controls. The company said:[1]

As soon as we learned of the potential incident, we immediately engaged our cybersecurity response protocols and mobilized a cross-functional response team, including senior leadership and third-party cybersecurity experts.

PowerSchool yet to confirm it paid the ransom to protect sensitive data

PowerSchool has confirmed that the security breach was not a ransomware attack but rather an extortion-only incident. Although the company has not disclosed the financial sum paid, the payment was reportedly made to prevent the hackers from publishing the stolen data.[2]

When asked about evidence of data deletion, PowerSchool declined to provide details, leaving questions about the effectiveness of the resolution. CyberSteward also did not respond to requests for further clarification.

PowerSchool has taken several steps to address the breach:

  • Collaborating with law enforcement and third-party cybersecurity experts to investigate the incident.
  • Enhancing security protocols, including password resets and tighter access controls.
  • Offering credit monitoring services to affected adults and identity protection services for minors.
  • Providing tailored communication packages to assist school districts in notifying impacted families and educators.

Additionally, PowerSchool has confirmed that the incident is isolated to the PowerSource portal and does not impact other products or services.[3]

Customers have been reassured by PowerSchool that it has taken the matter seriously and is working on the restoration of both systems and services. They are in the process of evaluating how long it will take to recover, and they will do all what it takes to secure the things for their users and prevent any such activities in the future.

Security of the educational services

PowerSchool’s client base – administrators, school districts, students, and parents – is globally spread and use the company's services to manage different educational programs. The illegal access has led to the ripple effect causing the educational institutions to rethink their data security system. The company advised customers to monitor their accounts and to be cautious due to any fraudulent activity and phishing attempts.

While the probe is ongoing, the customers of PowerSchool are thus left to deal with the irreparable consequences of this cyber attack. What PowerSchool does in this situation will be crucial in the time of putting the affected institutions and the users away from the mess. PowerSchool has made promises to all customers that they will stay informed and continue enhancing their security to prevent future breaches.

Even though company’s cloud-based systems are extensively used by educational institutions all over the world, this incident is a good illustration of the necessity of robust cybersecurity management and the vulnerability of data breaches in a more digitalizing world.

About the author
Ugnius Kiguolis
Ugnius Kiguolis - The mastermind

Ugnius Kiguolis is a professional malware analyst who is also the founder and the owner of 2-Spyware. At the moment, he takes over as Editor-in-chief.

Contact Ugnius Kiguolis
About the company Esolutions

References
Files
Software
Compare