Topics
recent
AI
Amazon
Image Credits:Michael Nagle/Bloomberg / Getty Images
Apps
Biotech & Health
Climate
Image Credits:Michael Nagle/Bloomberg / Getty Images
Cloud Computing
mercantilism
Crypto
go-ahead
EVs
Fintech
fundraise
Gadgets
Gaming
Government & Policy
Hardware
Layoffs
Media & Entertainment
Meta
Microsoft
privateness
Robotics
security system
societal
Space
Startups
TikTok
Transportation
speculation
More from TechCrunch
Events
Startup Battlefield
StrictlyVC
newssheet
Podcasts
Videos
Partner Content
TechCrunch Brand Studio
Crunchboard
Contact Us
Education applied science monster PowerSchool has say customers that it experience a “ cybersecurity incident ” that take into account hackers to compromise the personal datum of bookman and teachers in K-12 school districts across the United States .
The California - based PowerSchool , which wasacquired by Bain Capital for $ 5.6 billion in 2024 , is the largest provider of cloud - establish education software for K-12 education in the U.S. , serving more than 75 % of students in North America , according to the company ’s website . PowerSchool enunciate its software system is used by over 18,000 customer to support more than 60 million students in the United States .
In a varsity letter ship to affected customers on Tuesday andpublished in a local news account , PowerSchool say it distinguish on December 28 that cyber-terrorist successfully breached its PowerSource customer funding portal vein , allowing further access to the company ’s school entropy system , PowerSchool SIS , which schools use to manage student records , grades , attending , and enrollment . The letter said the caller ’s probe found the hackers arrive at access “ using a compromise certificate . ”
PowerSchool has not said what eccentric of data were accessed during the incident or how many somebody are affected by the breach .
PowerSchool spokesperson Beth Keebler confirmed the incident in an e-mail to TechCrunch but declined to respond specific question about the incident . Bain Capital has responded to TechCrunch ’s question .
“ We have taken all appropriate steps to forbid the information involved from further unauthorized entree or misuse , ” Keebler said . “ The incident is hold in and we do not foretell the datum being shared or made public . PowerSchool is not experiencing , nor bear to experience , any operational disruption and continues to provide services as normal to our client . ”
The nature of the cyberattack remain unknown . Bleeping Computerreports that in an FAQ sent to affected users , PowerSchool said it did not experience a ransomware attack , but that the company wasextortedinto paying a fiscal inwardness to prevent the hackers from leaking the stolen information . PowerSchool secern the publishing that public figure and address were exposed in the falling out , but that the information may also let in Social Security bit , medical information , grades , and other in person identifiable information . PowerSchool did not say how much the caller paid .
PowerSchool wassued by class actionin November 2024 , which alleges the company lawlessly sells scholarly person information without consent for commercial gain . grant to the lawsuit , the company ’s troves of student data totals some “ 345 tebibyte of data collected from 440 school districts . ”
“ PowerSchool collects this extremely sensitive information under the guise of educational support , but in fact collects it for its own commercial-grade gain , ” while hiding behind “ opaque terms of service such that no one can understand , ” the causa alleges .
update with commentary from PowerSchool .
Do you have more data about the PowerSchool data point severance ? We ’d make love to hear from you . From a non - work equipment , you’re able to contact Carly Page firmly on Signal at +44 1536 853968 or via e-mail atcarly.page@techcrunch.com .
