Education software provider PowerSchool has started notifying victims of a December 2024 cyberattack, but many questions remain unanswered, including the total number of people affected. PowerSchool, which serves over 60 million students and has more than 18,000 global customers, confirmed the breach occurred on December 28, potentially exposing sensitive data such as names, addresses, Social Security numbers, medical information, and grades.
In a statement on its website, PowerSchool announced it has begun notifying impacted individuals, including students, educators, parents, and guardians in the U.S., Canada, and other countries. The company is offering affected adults complimentary identity theft protection services and two years of credit monitoring.
“PowerSchool began the process of filing regulatory notifications with Attorneys General Offices across applicable U.S. jurisdictions on behalf of impacted customers who have not opted-out of our offer to do so,” the company stated. Notifications to Canadian regulators are underway, with updates for international customers expected soon.
Despite these steps, PowerSchool has not released a comprehensive report on the breach, leaving the full impact unclear. A filing with Maine’s Attorney General’s office revealed that 33,488 people in Maine were affected. However, attackers have claimed responsibility for stealing data from over 62 million students and nearly 10 million teachers, according to BleepingComputer.
The breach has raised significant concerns regarding data security in the education sector. While PowerSchool has taken steps to address the situation, including regulatory filings and support for victims, the lack of detailed disclosure continues to leave questions about the scale and nature of the attack.
Disclaimer
NextNews strives for accurate tech news, but use it with caution - content changes often, external links may be iffy, and technical glitches happen. See full disclaimer for details.