A nationwide data breach affecting a cloud-based software provider has hit at least four Long Island school districts. PowerSchool, which provides student information services to over 16,000 customers worldwide, was affected. The breached district schools include Massapequa, Smithtown Central, Uniondale, and Nassau BOCES.
The breach was discovered on December 28 when the company notified its clients of a “cybersecurity incident.” Unauthorized access was gained to certain systems, potentially exposing personal information such as staff names, phone numbers, addresses, and Social Security numbers. PowerSchool stated that it has no evidence other products were affected.
The hacker accessed the Student Information System using a compromised credential. The company said the information belongs to students’ families and educators, including those from the affected districts. A joint statement by Nassau BOCES district superintendent and deputy superintendent confirmed that PowerSchool had informed them of the vulnerability’s full remediation.
Precautions are being taken by affected districts, such as initiating password resets for staff. PowerSchool assured it did not anticipate data sharing or public dissemination, stating it has been deleted without further replication or dissemination.
Source: https://www.newsday.com/long-island/education/powerschool-long-island-school-districts-wubu4rgz