PowerSchool Data Breach Affects Millions of Students and Teachers
The education software provider confirms widespread impact from a December 2024 cyberattack, with sensitive data stolen from school districts across North America.
- PowerSchool has begun notifying individuals impacted by a December 2024 cyberattack that compromised sensitive personal data, including Social Security numbers, medical information, and grades.
- The breach affected data from 6,505 school districts, with hackers claiming to have stolen information on over 62 million students and 9.5 million teachers, though PowerSchool has not confirmed the total number of victims.
- The attackers accessed a customer support portal using stolen credentials that lacked multi-factor authentication, exfiltrating data stored by PowerSchool's on-premises customers.
- School districts in the U.S. and Canada, including the Toronto District School Board and Calgary Board of Education, reported significant impacts, with decades of student data accessed in some cases.
- PowerSchool is offering affected individuals two years of free credit monitoring and identity theft protection while continuing investigations with cybersecurity firm CrowdStrike.
Portland Press Herald 
The Verge 
The Globe and Mail 
Global News 
TechCrunch 
BleepingComputer 
