A data breach at cloud-based software provider PowerSchool has exposed the personal information of students and staff from multiple Long Island school districts, officials said. At least six additional districts have been affected by the breach, which was discovered on December 28.
PowerSchool provides student information services to over 60 million students worldwide and stores sensitive data such as names, addresses, emails, transcripts, phone numbers, and medical records. An unauthorized party gained access to PowerSchool’s customer data through an employee’s compromised credentials.
The company has confirmed that the breach was isolated to a specific portal and that no other products were affected. However, some districts have taken steps to address the breach, including requiring students and parents to reset passwords and engaging external cybersecurity experts.
“We can confirm that the information accessed belongs to certain [student information system] customers and relates to families and educators,” PowerSchool said in a letter to affected school districts. “The unauthorized access point was isolated to our PowerSource portal.”
Some districts have reported working with their technology teams and PowerSchool to address the breach, while others have put in place protections to prevent further release of sensitive information.
The incident is part of a larger list of schools affected by the breach, which may have impacted hundreds of students nationwide.
Source: https://www.newsday.com/long-island/education/data-breach-school-districts-powerschool-fal4qrt3