PowerSchool Notice of Data Breach

FOLSOM, Calif.--(BUSINESS WIRE)--The purpose of this notice is to share some important information regarding a recent cybersecurity incident involving personal information belonging to current or former students and teachers (“individuals”) of schools that use or used software called PowerSchool Student Information System (SIS).

What Happened? On December 28, 2024, PowerSchool became aware of a cybersecurity incident involving unauthorized exfiltration of certain personal information from PowerSchool Student Information System (SIS) environments through one of our customer support portals, PowerSource. This incident has since been contained and PowerSchool continues to operate as normal. PowerSchool previously notified its impacted customers and has been in direct communication with them regarding the incident and notification process.

What Information Was Involved? Due to differences in customer requirements, the information exfiltrated for any given individual varied across our customer base. For involved individuals, the types of information exfiltrated in the incident included one or more of the following, which varied by person: the individual’s name, contact information, date of birth, limited medical alert information, Social Insurance Number, and other related information.

What Are We Doing? PowerSchool is offering two years of complimentary identity protection services, provided by Experian, to students and educators whose information was involved. For involved students and educators who have reached the age of majority, in addition to Experian’s identity protection services, PowerSchool is also offering two years of complimentary credit monitoring services provided by TransUnion. We are doing this regardless of whether an individual’s Social Insurance Number was exfiltrated.

If your personal information was involved in this incident and you are interested in enrolling in credit monitoring or identity protection services, please visit the PowerSchool website for more information: https://www.powerschool.com/security/sis-incident/notice-of-canada-data-breach/.

As soon as PowerSchool learned of the incident, we engaged cybersecurity response protocols and mobilized senior leadership and third-party cybersecurity experts to conduct a forensic investigation of the scope of the incident and to monitor for signs of information misuse. We are not aware at this time of any identity theft attributable to this incident.

What Can You Do? You are encouraged to remain vigilant against incidents of identity theft and fraud by reviewing account statements for suspicious activity. PowerSchool will never contact organizations or individuals by phone or email to request your personal or account information.