PowerSchool Data Breach
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
PowerSchool Data Breach
Can anyone give me more info about the data breach that just happened with PowerSchool? Has there been any kind of official press release or written notice yet?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm the Technical Contact and haven't received nearly enough information about the breach.
How will Technical Contacts receive details on directly impacted families/staff? While we've received information on how to review logs (which is how we confirmed how many records were exported), we have yet to receive a copy of exported data to confirm exactly who was impacted.
When will we get information on the monitoring services? Our Jan. 8th notification stated" PowerSchool will be providing credit monitoring to affected adults and identity protection services to affected minors in accordance with regulatory and contractual obligations"...but we haven't received any additional information here.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I second @DominiqueJ 's request - specifically about the question about monitoring services. We have had inquiries about credit monitoring services. We need to know what to tell parents (e.g. a URL they can check (e.g. online form) or an email address they can use to request monitoring support).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
As of Jan 20, 2025, my school district still cannot tell me what info was involved in the breach. They continue to tell me that they are as in the dark as I am.
How can we move forward? What does my school or I have to do to determine what of my info was involved in this breach?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
PowerSchool needs to do a better job of communicating with its customers about this breach.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@jamiem7 - I would ask that if you are a Powerschool employee or contractor that you not push these questions off on "others". Please provide more information. PS claims to be "transparent" regarding communication on this issue. Still, the fact that we have to go to a community forum, that is not public, in which it is tough to find information suggests otherwise. We need help. Please take our questions to management. I still have not heard from my account managers!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Great post. As of this morning we have parent inquiries to us asking about what credit/identity protection services are being offered (parents report that they are still concerned, even after assurances that no credit card/banking information was included in the breach, that the personal identifying information is significant and puts them at risk for identity theft. In short: @PowerSchool: What URL can we send to parents to see your response to these concerns?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Here is a really unhelpful link that was just shared with me: https://www.powerschool.com/security/sis-incident/
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I just got that link, too, from my school district, who said "It's better than nothing!"
And it is. It is a page that may later be updated when the lawyers let them release more info. I suspect it is coming after CrowdStrike finishes their reports on 1/17/25. So Imma keep hitting my refresh button on that thing.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Any word on that report? I can't seem to find any mention of it, though originally we were told "CrowdStrike is finishing their analysis in the coming days, and we expect to have a finalized forensic report by January 17th which we are happy to share."
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for sharing your feedback.
We have forwarded this directly to our leadership team, who is currently reviewing all questions. We appreciate your patience during this.
Reshma
PowerSchool Community Support Expert
Remember to give Kudos to suggestions that help you!
If another user helps solve your issue, please select Accept As Solution on their post so others can see the solution, too!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Here's something else for you to forward up the chain of command:
I have a son who graduated from a PowerSchool-using district. 5 years have passed, and all of his contact info is new and unknown to PowerSchool. For that matter, most of my contact info has also changed over the years.
We and probably others like us would like to know if our data was involved, even though we were gone from the school system at the time of the breach. And we would like to know how PS would get in contact with us, or if you will devise a method for us to update our contact info with you.
Thank you for your consideration!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How does a district go about contacting PowerSchool for credit monitoring for the affected users?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Make the users Inactive, and clear out their Login/Credentials. Teachers will indeed be attached to many historical records.
Full Disclosure: I do not work for PowerSchool
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you Jeff, I just wanted to make sure nothing had changed. I always make staff inactive and take away login credentials.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Stumbled across this.... PowerSchool you should have been practicing what you preach.
https://www.youtube.com/watch?v=_rQ4qCY1rpc