PowerSchool Hack: The Biggest Breach of the Year?
The Breach
PowerSchool, a leading edtech company, confirmed a breach in early January. Hackers used compromised credentials to breach its customer support portal, PowerSource, allowing further access to the company’s school information system, PowerSchool SIS.
The Scope of the Breach
PowerSchool has not disclosed the number of schools and students affected by the breach, despite telling TechCrunch that it had identified the schools and districts whose data was involved. Bleeping Computer reports that the hacker accessed the personal data of over 62 million students and 9.5 million teachers, but PowerSchool has declined to confirm this number.
What Data Was Stolen?
We still don’t know what types of data were stolen. PowerSchool confirmed that the hacker stole "sensitive personal information" on students and teachers, including grades, attendance, and demographics. The company’s incident page also states that stolen data may have included Social Security numbers and medical data. Schools affected by the breach have reported that all of their historical student and teacher data was compromised.
Communication from PowerSchool
PowerSchool has been criticized for its lack of transparency about the breach. The company has refused to answer questions from TechCrunch and has not provided a detailed report on the incident. PowerSchool has told affected schools that they will receive an incident report from CrowdStrike, but several schools have reported that they have not yet received the report.
The Investigation
PowerSchool is working with incident response firm CrowdStrike to investigate the breach. The company’s customers were told that the security firm’s findings would be released on January 17, but the report has yet to be published. CrowdStrike declined to comment when asked by TechCrunch.
The Ransom Payment
PowerSchool has not disclosed how much it paid the hacker responsible for the breach. The company has confirmed that it worked with a cyber-extortion incident response company to negotiate with the threat actors, but refused to say how much the hacker demanded.
Conclusion
The PowerSchool breach has the potential to be one of the biggest breaches of the year. With millions of students and teachers affected, the scale of the breach is massive. PowerSchool’s lack of transparency and refusal to answer questions from TechCrunch has raised concerns about the company’s handling of the incident.
FAQs
Q: How many schools and students were affected by the breach?
A: PowerSchool has not disclosed the number of schools and students affected by the breach.
Q: What types of data were stolen?
A: We still don’t know what types of data were stolen. PowerSchool confirmed that the hacker stole "sensitive personal information" on students and teachers, including grades, attendance, and demographics.
Q: Did PowerSchool pay a ransom to the hacker?
A: PowerSchool confirmed that it worked with a cyber-extortion incident response company to negotiate with the threat actors, but refused to say how much the hacker demanded.
Q: What evidence does PowerSchool have that the stolen data has been deleted?
A: PowerSchool has not disclosed any evidence that the stolen data has been deleted.
Q: Who was behind the attack?
A: PowerSchool has not disclosed the identity of the hacker.
