Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Privacy Security

PowerSchool Data Breach Victims Say Hackers Stole 'All' Historical Student and Teacher Data (techcrunch.com) 13

Posted by msmash from the more-you-know dept.
An anonymous reader shares a report: U.S. school districts affected by the recent cyberattack on edtech giant PowerSchool have told TechCrunch that hackers accessed "all" of their historical student and teacher data stored in their student information systems. PowerSchool, whose school records software is used to support more than 50 million students across the United States, was hit by an intrusion in December that compromised the company's customer support portal with stolen credentials, allowing access to reams of personal data belonging to students and teachers in K-12 schools.

The attack has not yet been publicly attributed to a specific hacker or group. PowerSchool hasn't said how many of its school customers are affected. However, two sources at affected school districts -- who asked not to be named -- told TechCrunch that the hackers accessed troves of personal data belonging to both current and former students and teachers. Further reading: Lawsuit Accuses PowerSchool of Selling Student Data To 3rd Parties.

PowerSchool Data Breach Victims Say Hackers Stole 'All' Historical Student and Teacher Data More | Reply

PowerSchool Data Breach Victims Say Hackers Stole 'All' Historical Student and Teacher Data

Comments Filter:

  • Sounds impressive. Especially the part where they sold the data and blame it now on the "ackers".

  • As usual, nobody will be held accountable (Score:3)

    by hyades1 ( 1149581 ) <hyades1@hotmail.com> on Wednesday January 15, 2025 @12:25PM (#65091081)

    Wouldn't it be nice if the US was something more than a corporate kleptocracy, and elected representatives gave enough of a damn about their constituents to hold corporations like this accountable for mass data breaches? No doubt PowerSchool has some handy lie about why they held onto data from students no longer in the system. No doubt it will be enough to get them off the hook. The board of directors should be looking at mandatory prison time, and the corporation should be fined into bankruptcy. It won't happen, of course. as long as PowerSchool bribed a few Senators and Congress-chuds...sorry, I meant to say, "made campaign contributions in support of the democratic process". They've got nothing to worry about. Meanwhile, most or all of the personal data any miscreant could wish for on millions of people is now available on the black market.

    I'm starting to really understand why some Americans are at the point of taking the law into their own hands.

    • Powerschool is used by some Canadian school districts too and they have been affected by this breach too. Since we tend to have quite strict data protection laws here there may be some consequences for them here at least, although probably just fines for the company which do little to fix the problems this breach may cause.

    • In my state, we actually have retention laws on student data. This sounds like the sort of thing that would violate those laws; I expect they will be paying my state some money...

  • All centralized data is a target for hackers; they payoff is so much more than individuals, or individual companies.

    • Which is why 2FA is stupid. While the bad guys will go after the individual person, it is much more profitable to go after the big deposits of data. It's why banks were robbed rather than robbing each person as they left the bank.

  • This is what you get when you are acquired by Bain: https://www.powerschool.com/ba... [powerschool.com]
    Long and tortuous history of ethics problems, "value extraction", big bonuses for do-nothing execs, etc.
    - https://fortune.com/article/ba... [fortune.com]
    - https://www.forbes.com/sites/m... [forbes.com]
    - https://archive.ph/hrjOD [archive.ph] (https://www.economist.com/finance-and-economics/2012/01/28/bain-or-blessing)
    and many more

  • We're getting to the point where stories about which services HAVEN'T been breached are more newsworthy. Your users' data is still secure? Good on you - great job! Their data has been stolen and can be had by anyone willing to pay? Yawn...

    I'm being sarcastic to make a point. If this was a years-long wave of tangible property thefts, there would be protests in the streets and possible bloodshed if stopping it wasn't being taken seriously enough. But when it comes to personal data theft, it seems that victims

  • > âoebelieves the data has been deleted without any further replication or dissemination.â

    BWAHAHA.

    How fucking stupid are these people? Data is the cockroaches of the internet. Chances are it has multiplied behind your your back.

    --
    If it not IF you will be hacked but WHEN.

    • Surely the hackers just wanted to see what millions of rows of names, SS #s, etc. look like. Then they would delete what they downloaded, as all hackers do. It's just an evolution of the way cat burglars used to break in, count all the money they found, and then carefully put it back where they found it before leaving.

    • 'PowerSchool told TechCrunch last week that it has taken "appropriate steps" to prevent the stolen data from being published, and said it "believes the data has been deleted without any further replication or dissemination."'

      In other words, they have paid off the hackers for a set of magic beans in the form of a promise to delete the data. They must be clowns if they actually believe the hackers!

Slashdot Top Deals

Dinosaurs aren't extinct. They've just learned to hide in the trees.

Close