Introduction to the Breach

A data breach at PowerSchool, a leading provider of K-12 software, has put the personal information of millions of students at risk. The breach, which was first disclosed in early January 2025, is considered one of the largest education data breaches in recent years.

PowerSchool provides software to over 18,000 schools, supporting around 60 million students across North America. The company, acquired by Bain Capital for $5.6 billion, confirmed that an unknown hacker used a compromised credential to breach its customer support portal in December 2024.

Extent of the Breach

The breach allowed the hacker to access PowerSchool's school information system, PowerSchool SIS, which manages student records, grades, attendance, and enrollment. While PowerSchool has been open about some aspects of the breach, several important questions remain unanswered.

According to reports, the hacker may have accessed the personal data of over 62 million students and 9.5 million teachers. However, PowerSchool has declined to confirm the accuracy of these numbers, despite acknowledging that millions of people were likely affected.

Response to the Breach

PowerSchool has taken steps to prevent the stolen data from being published and has worked with a cyber-extortion incident response company to negotiate with the threat actors. The company believes that the data has been deleted and will not be shared or made public.

However, the company's response to the breach has been criticized, with some arguing that PowerSchool has not been transparent enough about the incident. The company has declined to provide further information about the breach, citing the ongoing investigation.

Investigation and Aftermath

The investigation into the breach is ongoing, and PowerSchool has released a postmortem report prepared by CrowdStrike. The report confirmed that the breach was caused by a compromised credential but did not provide further details about the root cause of the breach.

The breach has raised concerns about the security of student data and the need for greater transparency and accountability in the education technology sector. As the investigation continues, it is likely that more information will come to light about the breach and its impact on affected students and schools.