It’s just February, but our recent Hack Edtech Giant Powerschool has the ability to be one of the biggest violations of the year.
Powerschool, which provides K-12 software to more than 18,000 schools to support about 60 million students across North America, confirmed the violation in early January. The company based in California, which Bain Capital acquired for $ 5.6 billion in 2024, said the hackers used compromised credentials to violate the Customer Support Portal, allowing further access to the company’s school information system, Powerschool Sis. Participation and registration.
“On December 28, 2024, we met a possible cyberspace incident that includes unauthorized access to some Powerschool SIS information through one of the community -focused customer gates,” Powerschool spokesman Beth Keebler said in Techcrunch.
Powerschool has been opened for some aspects of violation. Kebler told TechCrunch that Powersource Gate, for example, did not support Multiple factors authenticate at the time of the event, while Powerschool did. But a number of important questions remain unanswered.
TechCrunch has sent Powerschool a list of excellent questions about the incident, which has the ability to influence millions Company’s incident page. On January 29, the company said it began to alert people affected by violation and state regulators.
Powerschool told customers that it will be shared by mid -January a report by CYBERSECTION CROWDSTRIKE, which the company hired to investigate the breach. But several sources working in schools influenced by violation told TechCrunch that they have not yet received.
Company customers also have many unanswered questions, forcing those affected by the violation to work together to investigate the hack.
Here are some of the questions that remain unanswered.
It is not known how many schools or students are affected
Techcrunch has heard from schools hit by Powerschool’s violation that its scale could be “massive”. However, Powerschool has repeatedly refused to say how many schools and individuals are influenced despite the fact that TechCrunch had “identified schools and areas whose data participated in this incident”.
Computer with sinkingLiteral sources, he says the hacker responsible for the Powerschool breach is said to have access to the personal data of more than 62 million students and 9.5 million teachers. Powerschool has repeatedly refused to confirm if this number was accurate.
While Powerschool will not give a number, the company’s recent deposits with state lawyers suggest that millions had personal information stolen in the breach. In a testimony with the Texas Attorney General, for example, Powerschool confirms that nearly 800,000 states had stolen data.
Communications from violated school areas give a general idea of the magnitude of the violation. The Board of Directors of the Toronto Regional School (TDSB), Canada’s largest school council serving about 240,000 students each year, said the hacker can have access to about 40 years of student data value, With the data of nearly 1.5 million students taken during violation. Similarly, the California Menlo Park City district confirmed That the hacker had access to information on all current students and staff-who have about 2,700 students and 400 employees-as students and staff dating from the start of the school year 2009-10.
We do not yet know which types of data have been stolen
Not only do we not know how many people were affected, but we also do not know how much or what types of data had access during the breach.
In a communication she shared with her clients earlier in January, seen by TechCrunch, the company confirmed that the hacker stole “sensitive personal information” for students and teachers, including grades, participation of students and demographics. The company’s incident page also states that stolen data may have included social security numbers and medical data, but they say that “due to the differences in customer requirements, information was outraged about each specific person varying throughout our customer base”.
TechCrunch has also heard from many schools that are influenced by the incident that “all” of their students’ historical data and teachers were at stake.
A person working in a affected school area told TechCrunch that stolen data includes extremely sensitive student data, including information on parental access rights to their children, including restrictions and information about when some students should get their medicines.
A source speaking with TechCrunch in February revealed that Powerschool has provided a “Sis Self Service” tool that can explore and summarize Powerschool customers to show what data is stored in their systems. However, Powerschool said the tool “may not accurately reflect the data fired at the time of the incident”.
It is not known whether Powerschool has its own technical means, such as logs, to determine which types of data have been stolen from specific school areas.
Powerschool has not said how much he paid hacker responsible for the breach
Powerschool told TechCrunch that the organization had taken “appropriate steps” to prevent the publication of stolen data. In the communication he shared with customers, the company confirmed that he had worked with a cyber -reaction company to negotiate with the threat responsible for the breach.
All this, but they confirm that Powerschool paid ransom to the attackers who violated his systems. However, when asked by TechCrunch, the company refused to say how much the hacker paid or required.
We do not know what elements Powerschool have received that stolen data have been deleted
Powerschool’s Kebler told TechCrunch that the company “does not provide for the data that is shared or made public” and that “believes that the data has been deleted without further reproduction or dissemination”.
However, the company has repeatedly refused to say what information it has received to indicate that the stolen data had been deleted. Early reports He said the company received video receipt, but Powerschool would not confirm or refuse when asked by TechCrunch.
Even then, proof of deletion is by no means a guarantee that the hacker has not still possessed the data. The recent cease of the United Kingdom of the United Kingdom Ransomware gang discovered that the gang still had data belonging to victims that had been ransom demand.
We don’t know yet who was behind the attack
One of the biggest unknown to Powerschool Cyberettack is who was responsible. The company has contacted the hacker, but refused to reveal their identity if it is known. Cybetesward, the Canadian event reaction organization that Powerschool worked to negotiate, did not answer TechCrunch questions.
The results of the Crowdstrike survey remain a mystery
Powerschool works with Crowdstrike to investigate the breach. Powerschool customers were informed that the findings of the security company will be released on January 17th. However, the report has not yet been published and the affected school areas have told TechCrunch that they have not yet seen the report. Crowdstrike refused to comment when he was asked by TechCrunch.
Crowdstrike published an intermediate report in January, which has been seen by TechCrunch, but did not contain new details of the breach.
Do you have more information on Powerschool data breach? We would like to hear from you. From a non -work device, you can contact Carly Page safely at +44 1536 853968 or email at carly.page@techcrunch.com.
