PowerSchool, a provider of software solutions for K-12 school systems, recently disclosed a cybersecurity incident that may have potentially exposed sensitive information of both students and school district employees. PowerSchool discovered on Dec. 28, 2024, that a threat actor was able to access their system and, in some instances, exfiltrate this sensitive information. The impacted sensitive information could include Social Security numbers, personally identifiable information, medical information, and grades. PowerSchool has stressed that not every customer was impacted and, even if a customer was impacted, not every impacted customer had sensitive information impacted. PowerSchool has indicated that they will provide specifics to specific customers if their data was impacted.
