Summarize this content to 2000 words in 6 paragraphs The school districts that had their data stolen in the recent cyberattack on PowerSchool say hackers now have access to their previous student and teacher data.Why It MattersThe edtech giant provides services impacting more than 50 million students, and now all their data is in jeopardy, according to the latest report from TechCrunch.What To KnowThe data hack occurred in December when the PowerSchool customer support portal suffered a breach. No specific hacker has come forward, but it’s estimated that millions of K-12 students and teachers’ personal data is now at risk.A spokesperson told Newsweek that PowerSchool is working “with urgency” to complete its investigation and identify those whose data may have been involved.”While our data review remains ongoing, we expect the majority of involved customers did not have sensitive information, including social security numbers or medical information, involved,” a spokesperson told Newsweek.They added: “We have identified the schools and districts whose data was involved in this incident, notified them directly and will be providing updates as we support them through next steps. Since the beginning of this incident, our top priority has been transparent and direct communication with our customers. PowerSchool is in the process of rolling out a plan in which we will offer to notify individuals whose personal information was involved on our customers’ behalf. We will also be providing credit monitoring or identity protection services if applicable.”PowerSchool has not yet confirmed how many school customers are affected, but TechCrunch reported that at least two school districts said personal data had been compromised for both current and former students and teachers.”In our case, I just confirmed that they got all historical student and teacher data,” a source told TechCrunch.Another source who works at a school district with almost 9,000 students said the hackers now had demographic data for all teachers and students since the time they joined PowerSchool.The potentially stolen data includes full names, addresses, Social Security numbers and some medical and grade information.
Stock images of a hacked system sign on a computer and a student with a teacher. It’s estimated that millions of K-12 students and teachers’ personal data is now at risk.
Stock images of a hacked system sign on a computer and a student with a teacher. It’s estimated that millions of K-12 students and teachers’ personal data is now at risk.
Sashkinw/Jacob Wackerhausen/Getty Images
What People Are SayingA spokesperson for PowerSchool told Newsweek: “We care deeply about the students, teachers, and families we serve and are wholeheartedly committed to supporting them. We are working to complete our investigation of the incident and are coordinating with districts and schools to provide more information and resources (including credit monitoring or identity protection services if applicable) as it becomes available.”Sandra Glading, Online Safety Advocate from McAfee, told Newsweek: “Data breaches can make your and your children’s information vulnerable to misuse by cybercriminals, but there are steps you can take to protect your family from future scams. Practicing digital street smarts – by monitoring credit, tracking financial transactions, and using tools such as dark web monitoring to spot leaked information – is critical.”Chris Henderson, senior director of threat operations at Huntress, told Newsweek: “Edtech has the same supply chain risks that plague every other industry, except they are often holding the PII of our students which makes a breach even more impactful. According to initial results the breach was due to a credential compromise, allowing an attacker to utilize credentials purchased from an access broker to log into PowerSource, their customer support portal.”Lisa Plaggemier, Executive Director at the National Cybersecurity Alliance, told Newsweek: “Hacks in the edtech sector have become increasingly common due to the significant amount of sensitive data managed by educational technologies. Schools and educational institutions often use a variety of software platforms for managing student information, learning management, and communication, making them easy targets for cybercriminals. As the digital transformation in education progresses, both the frequency and sophistication of attacks have increased.”Malwarebytes’ Senior Privacy Advocate David Ruiz told Newsweek: “”I understand that there are likely many students right now worried about their grades being leaked, but, we’ve never seen hackers use poor test scores as an effective blackmailing tactic. Instead, the immediate threat to students is identity theft or fraud, which could be particularly difficult to catch—when’s the last time you met a teenager who monitored their credit activity?”What Happens NextThe students and teachers whose information was targeted in the attack are now vulnerable to identity theft, experts say.”The leakage of student data can have severe long-term implications,” Plaggemier said. “Students may also face psychological impacts, such as anxiety and loss of trust in their educational providers. It is crucial for institutions to swiftly address such breaches, ensure transparency in their communication, and provide support to affected individuals to mitigate these risks. This situation underscores the need for stronger data protection policies and regulatory compliance in the edtech sector to safeguard student information.”
