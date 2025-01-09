Breach, Data Security, Ransomware

North American K-12 districts impacted by PowerSchool breach

Blur and selective focus of the university student using computer studying in computer room. Group of students in study in computers room.

(Adobe Stock)

Dozens of K-12 school districts in the U.S. and Canada had their students' and teachers' personal data compromised following a cyberattack against major global education software provider PowerSchool's student information system initially discovered in late December, BleepingComputer reports.

Infiltration of PowerSchool's PowerSource customer support portal via stolen credentials enabled threat actors to access a maintenance access tool enabling entry to SIS instances and the eventual exfiltration of data such as names and addresses, as well as personally identifiable information, Social Security numbers, medical details, and grades, according to PowerSchool. Despite emphasizing that the breach did not impact customer credentials and forum information, PowerSchool admitted to having provided the demanded ransom to avert data exposure. "PowerSchool engaged the services of CyberSteward, a professional advisor with deep experience in negotiating with threat actors. With their guidance, PowerSchool has received reasonable assurances from the threat actor that the data has been deleted and that no additional copies exist," said the firm.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Related

Over 360K impacted by Medusind breach

Information compromised in the breach included not only names, birthdates, email addresses, and phone numbers, but also Social Security numbers, driver's licenses, taxpayer IDs, payment details, and health and health insurance and billing data, according to a filing with the Office of the Maine Attorney General.

Database compromise confirmed by UN civil aviation agency

Unauthorized access to the database prompted the exfiltration of recruitment-related information from April 2016 to July 2024, including applicants' names, birthdates, email addresses, and employment history, but not their financial details, passports, credentials, and uploaded documents.

Gravy Analytics purportedly hacked

Additional details regarding the incident, which was initially reported by independent tech news outlet 404media, remain uncertain but cybersecurity researchers John Hammond of Huntress and Marley Smith of RedSense have confirmed the veracity of the nearly 1.4 GB of data exposed by the threat actor on the XSS website.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Attack VectorByteChecksumCipherCiphertextCryptographic Hash FunctionsData AggregationData Loss Prevention (DLP)Digital EnvelopeDigital Signature Standard (DSS)

You can skip this ad in 5 seconds