Excerpt from Securityweek Article, Published on Mar 12, 2025.
Cybersecurity firm CrowdStrike has revealed that hackers infiltrated the PowerSchool customer support portal months before the massive December 2024 breach. This cyberattack compromised millions of student and educator records, raising serious cybersecurity concerns.
PowerSchool disclosed in January that cybercriminals accessed its Student Information System (SIS) through the PowerSource support portal using stolen maintenance account credentials. The breach exposed sensitive data, including names, contact details, birth dates, Social Security numbers, and medical records. Although PowerSchool has not confirmed the exact number of affected individuals, reports suggest up to 70 million people may have been impacted. Several school districts in the US and Canada reported that hackers stole their historical SIS data. CrowdStrike’s latest report indicates the compromised credentials were first used between August and September 2024—months before the main breach—but does not establish a direct link between the incidents.
The stolen data has not surfaced on the dark web. The Menlo Park City School District suggested that PowerSchool might have engaged cybersecurity firm CyberSteward to negotiate with hackers, potentially paying a ransom to prevent data leaks. Despite concerns, CrowdStrike’s investigation found no evidence of further unauthorized access beyond December 28. No malware infections were detected, and no other PowerSchool customer IT environments were compromised.
PowerSchool’s latest update on March 7 reaffirmed that no new cybersecurity threats have emerged since the breach. However, this incident underscores the growing risk of cyberattacks on educational institutions, emphasizing the need for stronger security measures and proactive threat detection to protect sensitive student and educator data from future breaches. Schools and educational organizations must adopt advanced cybersecurity frameworks, conduct regular security audits, and implement multi-factor authentication to safeguard their systems. Additionally, cybersecurity awareness training for staff and students is essential in minimizing vulnerabilities and preventing similar breaches in the future.
To delve deeper into this topic, please read the full article Securityweek.
