60 Million Students and Teachers Targeted in PowerSchool Data Breach

PowerSchool confirms Social Security numbers and personally identifiable information among information exposed by hack.

An educational software provider that supports more than 60 million students and teachers across North America has been the victim of a cyberattack that resulted in sensitive information being exposed.

PowerSchool, which offers a variety of cloud-based software solutions to K-12 schools and districts, confirmed that it became aware of a cybersecurity incident in the final days of 2024.

The company further said that the data breach had resulted in stolen names and addresses, with some customers also having more sensitive information exposed, such as Social Security Numbers (SSNs), personally identifiable information, medical information, and grades.

Personal Data Stolen

PowerSchool says that it became aware of the breach – originally reported by BleepingComputer – on December 28th after information was stolen from its system that stores the history of grades, attendance, and other records of the students.

An internal investigation came to the conclusion that the perpetrator had used a “compromised credential to access one of our community-focused customer support portals,” which then enabled them to extract database CSV files containing student and teacher data.

 


PowerSchool has confirmed that the affected databases included names, addresses, phone numbers, Social Security Numbers, grade point averages, bus stops, passwords, notes, alerts, student IDs, parent information, and medical information. However, not all of that information is held for all of the affected students and teachers.

‘Reasonable Assurances’

PowerSchool informed its customers of the incident on January 7th, confirming the “unauthorized access to certain information.”

Unsurprisingly, it appears that the motive behind the breach is money, with the company confirming that it has paid the cyber-attacker an undisclosed sum of money not to release the information that they had stolen.

In return, it has received “reasonable assurances from the threat actor that the data has been deleted and that no additional copies exist” and has seen a video of the deletion.

BleepingComputer reports that the company has attempted to mitigate the ransomware breach by rotating the passwords for all customer support portal accounts and establishing tighter password policies. It is also monitoring the dark web to see whether any of the data is made available to purchase.

Cyberattacks and Hacks

The BleepingComputer report lists a multitude of school districts in the US and Canada that are known to have been affected by the breach, covering areas as geographically diverse as California to Ontario. Cybersecurity company CrowdStrike is expected to release a final report on the incident later this week.

Ahead of that, the story says, PowerSchool is continuing to notify its contacts at the affected districts and providing them with “a communications package that includes outreach emails, talking points, and FAQs to help inform teachers and families about the incident.”

Despite the prevalence of information about measures businesses can take to ensure their cyber security, stories about major hacks of companies and institutions continue to emerge with disturbing regularity.

Only last week, news emerged of a hacker breaching a UN recruitment database, while recent data breaches at Comcast and Dell affected more than 200,000 and 10,000 victims respectively.

And perhaps most troubling was a story from October when a harmful ransomware attack caused an IT outage at a Texas hospital that resulted in patients being turned away.


Written by:
Now a freelance writer, Adam is a journalist with over 10 years' experience – getting his start at UK consumer publication Which?, before working across titles such as TechRadar, Tom's Guide and What Hi-Fi with Future Plc. From VPNs and antivirus software to cricket and film, investigations and research to reviews and how-to guides, Adam brings a vast array of experience and interests to his writing.