On Friday, the U.S. Department of Education announced that a cyberattack had successfully breached the customer support portal of PowerSchool, “the nation's largest provider of cloud-based education software for K-12 schools.”
According to a release from the V.I. Department of Education, the breach was discovered in late December 2024, and involved an unauthorized user accessing and exporting sensitive data. This data, including contact information such as names and addresses, also included in some cases medical records, social security numbers, and grade information for both current and former students, VIDE said.
“PowerSchool has stated that the data breach is contained,” VIDE stated. “They believe the data will not be shared publicly.” This is because the company paid the hacker “an undisclosed amount” of money for proof that the stolen data had been destroyed. The company says it will now be actively monitoring the dark web to make sure that stray copies of the stolen data are not circulating in those spaces.
The department has now scheduled a “special live presentation” for parents at 6 p.m. on Monday, January 13, where VIDE representatives will further “explain the breach, its containments, and its impact on data privacy.”
