(Bill Hinton/Getty Images)
A cybersecurity breach at PowerSchool, a software company that supports school operations, has compromised student, parent and teacher information across potentially 85 Virginia school divisions. PowerSchool disclosed on Dec. 28 that its customer portal, PowerSource, has been accessed without authorization, affecting student information nationwide.
In an update, the company reassured users that its operations remain intact, stating that it is “not experiencing, nor does it expect to experience any operational disruption.” PowerSchool further vowed to continue providing services as normal to its customers, adding that there was no evidence that other company products were impacted.
The company emphasized its commitment to privacy and transparency during the incident. “We take our responsibility to protect student, family, and educator data privacy extremely seriously, and we are committed to providing customers, families, and educators with resources and support as we work through this together,” PowerSchool said in a statement. “We apologize for any concern this incident may cause you and are working hard to provide you timely updates.”
Fluvanna County Public Schools, one of the affected divisions, informed parents and community members that compromised data primarily includes contact details such as names and addresses of students, parents and teachers.
Fluvanna officials also revealed that some individuals’ personally identifiable information (PIl), including Social Security numbers, was compromised in the breach. According to the division, Social Security numbers are stored only for teaching candidates awaiting provisional licenses, and those affected are being contacted.
“They assure us that they are working with urgency to complete their investigation and determine whether Pll belonging to our students or teachers was included,” Fluvanna Superintendent Peter Gretz wrote in a statement.
Other divisions impacted by the breach include Charlottesville, Richmond, and Tazewell counties. These divisions are part of the Virginia PowerSchool Users Group, an 85-member organization that offers training and support for the software.
Russell County Public Schools also notified families and employees about the breach.
Superintendent Kimberly Hooker emphasized the district’s commitment to safeguarding personal information and said they are working with PowerSchool to determine the extent of the breach.
“Russell County Public Schools takes the privacy of our students’ and employees’ personal information very seriously,” Hooker said in a Jan. 10 letter. “We will work with PowerSchool to ensure that any individuals impacted by this incident are directly notified.”
Meanwhile, Fairfax County Public Schools, the largest school division in Virginia, confirmed that while it is a PowerSchool customer, it does not use the company’s student information system product, and was not impacted.
GET THE MORNING HEADLINES.