PowerSchool hit by cyberattack which saw student and teacher data stolen
Posted by:
Olivia Smith
PowerSchool, a leading education technology software provider for K-12 schools, confirmed a cyberattack in late December 2024 resulting in the theft of sensitive student and teacher information. The breach involved threat actors accessing the PowerSchool Student Information System using stolen credentials to exfiltrate data tables containing student and teacher details. The stolen information included names, addresses, Social Security numbers, medical information, and grades in certain cases. PowerSchool acknowledged paying a ransom to ensure the deletion of the stolen data, emphasizing that not all customers were affected by the attack. The exact number of individuals impacted by the breach remains unknown, although the company stated that the data was deleted post-payment. While not classified as a ransomware incident, PowerSchool’s decision to pay the attackers for data removal aligns with a trend where cybercriminals prioritize data exfiltration over encryption. The company opted not to disclose the ransom amount due to the ongoing investigation’s sensitive nature. Source: BleepingComputer
Recent Posts1
This haptic vest might be my new favorite Meta Quest 3 accessory
January 12, 2025
