Close Menu
TechTost
  • AI
  • Apps
  • Crypto
  • Fintech
  • Hardware
  • Media & Entertainment
  • Security
  • Startups
  • Transportation
  • Venture
  • Recommended Essentials
What's Hot

What is Mistral AI? Everything you need to know about the OpenAI competitor

Podcasting platform Riverside is getting into the newsletter game

Your Brand Deserves Its Own Stage — TechCrunch Disrupt 2026 Side Events

Facebook X (Twitter) Instagram
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms and Conditions
  • Disclaimer
Facebook X (Twitter) Instagram
TechTost
Subscribe Now
  • AI

    What is Mistral AI? Everything you need to know about the OpenAI competitor

    4 July 2026

    Anthropic is discussing a new custom chip with Samsung

    3 July 2026

    Jersey Mike’s IPO shows just how bad the AI ​​hype has gotten

    3 July 2026

    OpenAI proposed donating 5% of its equity to a US sovereign wealth fund

    2 July 2026

    SpaceX has a prototype AI device, and it sure sounds like a phone

    2 July 2026
  • Apps

    Podcasting platform Riverside is getting into the newsletter game

    4 July 2026

    Threads adds new features to Live Chats as it expands access

    4 July 2026

    Travel app Hopper to pay $35 million in FTC settlement over ‘unfair’ hidden fees

    3 July 2026

    Meta quietly launches vibe-encoded Pocket gaming app

    3 July 2026

    Popular TV-watching app TV Time is shutting down as the company focuses on artificial intelligence

    2 July 2026
  • Crypto

    Venice AI goes unicorn with $65M Series A as first privacy AI platform takes off

    1 July 2026

    Crypto Exchange OKX wants AI agents to hire and pay each other

    30 June 2026

    Startup Battlefield 200 applications close today

    27 May 2026

    5 days left: Save up to $410 on Disrupt 2026 passes

    25 May 2026

    As crypto cools, a16z crypto raises $2.2 billion in capital

    6 May 2026
  • Fintech

    India’s payments chief believes artificial intelligence will play a big part in the next era of digital payments development

    28 June 2026

    Early Bird pricing ends tonight for the Founder Summit

    26 June 2026

    4 days left to save up to $190 on Founder Summit 2026

    23 June 2026

    Robinhood’s note on 10% layoffs shows that blaming AI doesn’t cut it

    17 June 2026

    Anthropic’s latest spat with the Trump administration may actually help it, sales figures suggest

    17 June 2026
  • Hardware

    IQM, Europe’s first public quantum company, admits that the future of the technology is uncertain

    3 July 2026

    Thiel Capital’s Jack Selby commits stakes in hot startups like Etched through Arizona connections

    3 July 2026

    Ashton Kutcher is leaving Sound Ventures to start a new VC firm with Morgan Beller

    2 July 2026

    Flipper’s new Busy Bar is a customizable display for productivity

    30 June 2026

    South Korea’s tech giants pledge over $550 billion to ease ‘RAMageddon’

    30 June 2026
  • Media & Entertainment

    Cloudflare’s new policy pushes AI companies to pay for publishers’ content

    1 July 2026

    Watch out, Amazon: The Kobo eReader now has a Goodreads rival

    29 June 2026

    YouTube Shorts just got even shorter with an update that lets you double the playback speed

    25 June 2026

    Deezer says its new feature allows fans to remix songs with the artist’s consent

    24 June 2026

    Instagram looks set to take on streaming services with a longer, episodic and live format for its TV app

    22 June 2026
  • Security

    Politician who investigated abuses of wiretapping software on his phone with Pegasus spyware

    3 July 2026

    The US government says it’s been hacked — again

    2 July 2026

    In major privacy victory, Supreme Court rules that geo-trafficking warrants are protected by privacy rights

    29 June 2026

    The Klue hack results in a data breach at several cybersecurity companies

    26 June 2026

    Cellebrite said it cut off Russia, but Russia used its tools anyway

    26 June 2026
  • Startups

    Your Brand Deserves Its Own Stage — TechCrunch Disrupt 2026 Side Events

    4 July 2026

    The browser wars aren’t about search anymore — here are the best alternatives to Chrome and Safari

    3 July 2026

    Last chance to apply — Startup Battlefield Australia applications close on 6 July

    3 July 2026

    Arcturus could halve grid electrical losses using nano-infused metals

    2 July 2026

    Indian tech tycoon bets $30 million of his own money to build AI alternative to Microsoft Office

    2 July 2026
  • Transportation

    Chevy built an all-American EV truck — why isn’t anyone buying it?

    3 July 2026

    Rivian raises EV sales forecast as second-quarter production ramps up

    3 July 2026

    Lucid Motors CFO steps down as new CEO continues leadership shakeup

    2 July 2026

    Tesla begins testing Cybercab without pedals or steering wheel in Austin

    2 July 2026

    Lime is starting life as a public company after years of uncertainty

    1 July 2026
  • Venture

    After $18B IPO, Bending Spoons Founder Says Success Comes From Minimizing Luck

    2 July 2026

    Bending Spoons defies SaaS slump, up 40% on first day of trading

    2 July 2026

    The DeepMind trio that created a poker AI is now making money for quantitative hedge funds

    1 July 2026

    Patronus AI lands $50 million to create ‘digital worlds’ that stress-test AI agents

    26 June 2026

    How to invest when everything is moving too fast

    24 June 2026
  • Recommended Essentials
TechTost
You are at:Home»Security»What Powerschool will not say about violating its data that affects millions of students
Security

What Powerschool will not say about violating its data that affects millions of students

techtost.comBy techtost.com11 March 202507 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Email
What Powerschool Will Not Say About Violating Its Data That
Share
Facebook Twitter LinkedIn Pinterest Email

We are only a few months by 2025, but the recent chaos of Edtech’s giant Powerschool is on the right track to be one of the largest training data violations in recent years.

Powerschool, which provides K-12 software to more than 18,000 schools to support about 60 million students across North America, has first revealed the data violation in early January 2025.

The company based in California, which Bain Capital acquired for $ 5.6 billion, said an unknown hacker used a single compromised certificate to violate the customer support gate in December 2024, allowing further access to the Sis School Management of students, grades, participation and registration.

While Powerschool was open to certain aspects of violation – for example, Powerschool told TechCrunch that the Powersource Portal did not Multiple factors identity support at the time of the event-very important questions remain unanswered.

TechCrunch has sent Powerschool a list of excellent questions about the incident, which may affect millions of students.

Powerschool spokesman Beth Keebler refused to answer our questions, saying that all infringement updates will be published in Company’s incident page. On January 29, the company said it began to alert people affected by violation and state regulators.

Many of the company’s customers also have excellent questions about breach, forcing those who are influenced to work together to investigate the hack.

In early March, Powerschool published the posthumous breach of its data, As prepared by CrowdstrikeTwo months after the word of Powerschool customers, it will be released. While many of the details of the exhibition were known, Crowdstrike confirmed that a hacker had access to Powerschool systems as early as August 2024.

Here are some of the questions that remain unanswered.

Powerschool has not said how many students or staff are affected

TechCrunch has heard from Powerschool customers that the scale of data breach could be “massive”. But Powerschool has repeatedly refused to say how many schools and individuals are affected, despite the fact that TechCrunch had “identified schools and areas where the data participated in this incident”.

Computer with sinkingAccording to many sources, he said in January that the hacker responsible for the Powerschool violation had access to the personal data of more than 62 million students and 9.5 million teachers.

When asked by TechCrunch, Powerschool refused to confirm if this number was accurate.

Powerschool deposits with general lawyers and communications from the violated schools, however, suggest that millions of people were probably stolen personal information in the data violation.

In a testimony with the Texas Attorney General, Powerschool confirmed that nearly 800,000 residents of the state had closed data. The deposition of January with the Maine Attorney General said that at least 33,000 residents were affected, but that has been since then up to date To say that the number of people affected is “to be determined”.

The Toronto Regional School Council, Canada’s largest school council, which serves about 240,000 students each year, said the hacker could have access to about 40 years of students, with the data of about 1.5 million students taken in the breach.

The California Menlo Park City district also confirmed The hacker has access to information for all current students and staff-who have about 2,700 students and 400 employees-as students and staff dating from the beginning of the school year 2009-2010.

Powerschool has not said which types of data have been stolen

Not only do we not know how many people were affected, but we also do not know how much or what types of data had access during the breach.

In a communication he shared with customers in January, seen by TechCrunch, Powerschool said the hacker stole “sensitive personal information” for students and teachers, including grades, participation of students and demographics. The company’s incident page also states that stolen data may have included social security numbers and medical data, but they say that “due to the differences in customer requirements, information was outraged about each specific person varying throughout our customer base”.

TechCrunch has heard from many schools that are influenced by the incident that “all” of their students’ historical data and teachers were at stake.

A person working in a affected school area told TechCrunch that stolen data includes extremely sensitive student data, such as information on parental access rights, orders, and information about when some students should take their medicines.

A source speaking with TechCrunch in February revealed that Powerschool has provided a “Sis Self Service” tool that can explore and summarize Powerschool customers to show what data is stored in their systems. However, Powerschool said the tool “may not accurately reflect the data fired at the time of the incident”.

It is not known whether Powerschool has its own technical means, such as logs, to determine which types of data have been stolen from specific school areas.

Powerschool will not say how much he paid hacker responsible for the breach

Powerschool told TechCrunch that the organization had taken “appropriate steps” to prevent the publication of stolen data. In the communication he shared with customers, the company confirmed that he had worked with a cyber -reaction company to negotiate with the threat responsible for the breach.

All of this confirms that Powerschool paid a ransom to the attackers who violated its systems. However, when asked by TechCrunch, the company refused to say how much the hacker paid or required.

We do not know what elements Powerschool have received that stolen data have been deleted

Powerschool’s Kebler told TechCrunch that the company “does not provide for the data that is shared or made public” and that “believes that the data has been deleted without further reproduction or dissemination”.

However, the company has repeatedly refused to say what information it has received to indicate that the stolen data had been deleted. Early reports He said the company received video receipt, but Powerschool would not confirm or refuse when asked by TechCrunch.

Even then, proof of deletion is by no means a guarantee that the hacker has not still possessed the data. The recent cease of the United Kingdom of the United Kingdom Ransomware gang discovered that the gang still had data belonging to victims that had been ransom demand.

The hacker behind data breach is not yet known

One of the biggest unknown to Powerschool Cyberettack is who was responsible. The company has contacted the hacker, but refused to reveal their identity if it is known. Cybetesward, the Canadian event reaction organization that Powerschool worked to negotiate, did not answer TechCrunch questions.

Crowdstrike forensic report leaves unanswered questions

After the release of his Powerschool Crowdstrike Forensic Exhibition In March, a person in a school affected by the violation told TechCrunch that the findings were “sluggish”.

The report confirmed that the breach was caused by a compromised credentials, but the main cause of the way in which compromised credentials were acquired and used and remains unknown.

Mark Racine, chief executive of the Boston -based Counseling Company, told Techcrunch that while the report provides “some details”, there is not enough information to “understand what went wrong”.

It is not exactly known how far away the Powerschool violation is

A new detail at the Crowdstrike exhibition is that a hacker had access to the Powerschool network between August 16, 2024 and September 17, 2024.

Access was acquired using the same compromised credentials used during the December violation, and the hacker had access to Powerschool’s Powersource, the same customer support gateway undermined in December to access the Powerschool School Information System.

Crowdstrike, however, said that there is not enough evidence to conclude that it is the same threat actor responsible for the December violation due to insufficient log files.

But findings suggest that hacker – or many hackers – may have access to the Powerschool network for months before the access is detected.

Do you have more information on Powerschool data breach? We would like to hear from you. From a non -work device, you can contact Carly Page safely at +44 1536 853968 or email at carly.page@techcrunch.com.

affects authorization capital cyberspace data data breach millions piracy powerschool safety students Violating
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleHost a side event in Sessions: AI
Next Article Nirvana keeps Truckin with $ 80 million at $ 830 million
bhanuprakash.cg
techtost.com
  • Website

Related Posts

Politician who investigated abuses of wiretapping software on his phone with Pegasus spyware

3 July 2026

The US government says it’s been hacked — again

2 July 2026

Omen AI’s plan to optimize data centers is all wet

30 June 2026
Add A Comment

Leave A Reply Cancel Reply

Don't Miss

What is Mistral AI? Everything you need to know about the OpenAI competitor

4 July 2026

Podcasting platform Riverside is getting into the newsletter game

4 July 2026

Your Brand Deserves Its Own Stage — TechCrunch Disrupt 2026 Side Events

4 July 2026
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Fintech

India’s payments chief believes artificial intelligence will play a big part in the next era of digital payments development

28 June 2026

Early Bird pricing ends tonight for the Founder Summit

26 June 2026

4 days left to save up to $190 on Founder Summit 2026

23 June 2026
Startups

Your Brand Deserves Its Own Stage — TechCrunch Disrupt 2026 Side Events

The browser wars aren’t about search anymore — here are the best alternatives to Chrome and Safari

Last chance to apply — Startup Battlefield Australia applications close on 6 July

© 2026 TechTost. All Rights Reserved
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms and Conditions
  • Disclaimer

Type above and press Enter to search. Press Esc to cancel.