A breach of PowerSchool, an educational technology platform, has led to the exposure of data relating to students and teachers from K-12 school districts. PowerSchool provides a software suite used in schools across the United States which includes student information systems, special education, talent, finance, business, and HR and analytics systems.
The incident came to light after a threat actor group known as ‘Egregor’, claimed responsibility on a dark web market forum. They warned that they held a significant amount of sensitive data including students’ personal information, grades, and class schedules, as well as teachers’ details and school district financial data. Egregor has a history of ransomware attacks, often targeting big-name organizations, and have recently turned their attention to educational institutions.
Currently, there is uncertainty about the extent of the breach and how many school districts have been impacted. PowerSchool has refused to comment` on the specifics of the intrusions or the potential number of affected districts. However, they did release a statement saying, “We recently detected a security incident which prompted a detailed and thorough investigation. We have implemented additional security measures to enhance the protection of our system and personal data”.
There have been growing concerns over the security of student data across the U.S. In 2019 alone, there were over 800 reported incidents of cybercrime targeting educational institutions, according to the K-12 Cybersecurity Resource Center. This PowerSchool breach comes in the midst of a drastic increase in cyber attacks targeting the education sector due to the shift to online education forced by the Covid-19 pandemic.
Cybersecurity professionals have been emphasizing the critical need for greater cybersecurity measures in schools. In response to this breach, they warn of the potential for misuse of the stolen data, including potential identity theft, fraud, and other cybercrimes. Schools and district officials are advised to be proactive about improving their cybersecurity practices, and to collaborate with law enforcement agencies and power cybersecurity firms to address the breach.
The FBI has been alerted to the situation and is said to be actively investigating the matter. Both the affected institutions and PowerSchool are cooperating fully with the investigation, according to the sources.PowerSchool is working closely with independent cybersecurity firms to further protect its systems and ensure maximum data security.
Last modified: January 9, 2025
