Numerous school districts in Central Ohio were affected by a recent cyberattack targeting PowerSchool, a student information system software company. The breach, which occurred on December 28, 2024, could have exposed personal information of both students and teachers. PowerSchool is working with cybersecurity experts to investigate the incident and mitigate any potential harm.
School districts across Central Ohio were hit by a nationwide cybersecurity breach of a school-focused student information system software company. PowerSchool, which says it services more than 18,000 customers and 60 million students, notified affected customers of a hack that occurred on December 28. The hack could have exposed the personal information of both students and teachers.
The district learned that on December 28, 2024, PowerSchool, the provider of our student information system, became aware of a cybersecurity incident. This incident involved unauthorized access to certain information through one of its customer support portals, PowerSource. Over the following days, PowerSchool’s investigation determined that an unauthorized party from an IP address outside of the United States gained access to certain PowerSchool Student Information System data using a compromised login. The compromised account, which has since been deactivated by PowerSchool, was used to access all production and non-production servers via the PowerSchool API. The breach compromised PowerSchool servers across the state of Ohio, the United States and Canada. Upper Arlington servers were a part of this breach. We know that data from the Student and Teacher tables were exported. Upper Arlington does not use all of the fields listed on these two websites. In particular, the district can confirm that it does not use any social security number fields as a matter of practice. There are a small number of individuals whose social security numbers were included due to merged legacy data. Any current or recent student impacted by this has already received individualized communication from the district. PowerSchool has engaged the services of CyberSteward, a professional advisor with deep experience in negotiating with perpetrators. With their guidance, PowerSchool has received reasonable assurances and video confirmation from the perpetrator that the data has been deleted and that no additional copies exist. They do not anticipate the data being shared or made public, and they believe it has been deleted without any further replication or dissemination. PowerSchool is reviewing current security practices and implementing further protocols to prevent this type of incident from happening again. Our local host, META, is also reviewing their current network restrictions to prevent similar breaches in the future. At this time there is no action necessary on your part. As we continue to learn more about PowerSchool’s investigation and response to the incident we will continue to provide updates on our website.“We are aware of the situation involving PowerSchool. We want to assure our community that none of our district’s products or systems were impacted by this incident. Our district does not use the PowerSchool SIS; however, we do utilize three PowerSchool tools—Data Warehouse, Allovue, and the PD System—that were not affected, as confirmed by PowerSchool’s forensic review,” said CCS Interim Executive Director of Communications Tyler Carter. We reached out to PowerSchool and the company says they don’t have a specific number of how many school districts across central Ohio were impacted. \"On December 28, 2024, we became aware of a potential cybersecurity incident involving unauthorized access to certain PowerSchool SIS information through one of our community-focused customer portals, PowerSource. PowerSchool is not experiencing, nor expects to experience, any operational disruption and continues to provide services as normal to our customers. As soon as we learned of the incident, we immediately engaged our cybersecurity response protocols and mobilized a cross-functional response team, including senior leadership and third-party cybersecurity experts. PowerSchool is committed to protecting the security and integrity of our applications. We take our responsibility to protect student data privacy and act responsibly as data processors extremely seriously. PowerSchool is committed to providing affected customers, families, and educators with the resources and support they may need as we work through this together.
CYBERSECURITY HACK SCHOOLS STUDENT DATA POWER SCHOOL
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Lower Merion School District Hit by PowerSchool Data BreachThe Lower Merion School District in Pennsylvania is among schools nationwide affected by a data breach involving PowerSchool software. While the extent of the compromised data is still being determined, it may include personally identifiable information for staff and students, such as names, addresses, and academic records. The district is working with PowerSchool and cybersecurity experts to investigate the breach and mitigate potential risks. Credit monitoring and identity protection services will be offered to affected individuals.
Read more »
Utah school officials confirm several schools were affected by PowerSchool security breachIron County and Salt Lake City school officials confirm having been affected by the PowerSchool security breach and are worried about what this means for future security.
Read more »
Fifty Ohio State Athletes, Including 13 Football Players, Earn Degrees at Ohio State’s Autumn CommencementFifty Ohio State athletes, including 13 football players, are earning their degrees from the university at its autumn commencement on Sunday.
Read more »
Kelce Brothers Criticize Ohio Lawmaker's Bill to Outlaw Flag Planting at Ohio State StadiumOhio state Rep. Josh Williams introduced the O.H.I.O. Sportsmanship Act after the brawl following Michigan's win over Ohio State. The bill would prohibit flag planting on the Ohio State football field during games. Travis and Jason Kelce expressed their disapproval, calling it 'soft' and questioning its necessity.
Read more »
Vols Fans Set to Invade Ohio Stadium in Tennessee vs Ohio StateThe Tennessee Volunteers are set to take on the Ohio State Buckeyes on Saturday night inside Ohio Stadium in Columbus, Ohio, and they are expected to have quite a bit of Vols fans' support during the contest.
Read more »
Ohio State football players and fans celebrate big win against Tennessee with ‘Carmen Ohio’ (video)Ohio State football players and fans celebrated Saturday's big win against Tennessee with 'Carmen Ohio'
Read more »