PowerSchool Breach FAQ
Q: What happened?
A: Unauthorized access was detected in PowerSchool’s Student Information System (SIS). Several websites and news outlets provided overviews of the incident. For more information, please refer to the following articles:
- PowerSchool hack exposes student, teacher data from K-12 districts.
- PowerSchool data breach possibly exposed student, staff data.
- PowerSchool FAQ
PowerSchool has engaged the cybersecurity firm CrowdStrike to conduct a forensic analysis and share findings towards the end of January.
Q: What specific Personally Identifiable Information was accessed?
A: Two default tables from PowerSchool SIS were compromised: one with demographic information of students and one with demographic information of teachers. These tables are a set of default fields provided by PowerSchool, many of which the district does not actively use (there is no data populated in the field).
The following tables outline the percentage of data exposed for each field, calculated as the total number of records for that field divided by the total number of student/employee records breached. This breakdown shares the scope of the exposed data and highlights which data points were more significantly affected. Please refer to the tables below. These are PDF files that should be accessible via web, but may prompt a phone to download a file.
Q: Was private health information exposed?
Q: Were teacher, staff, or student Social Security Numbers exposed?
Q: Could any of the accessed data be considered sensitive for teachers, staff, or students?
Q: Will PowerSchool provide identity theft or credit monitoring to those individuals affected by the breach?
A: PowerSchool has confirmed that they will provide these services for those applicable, but details have not yet been shared. Regardless, we advise steps similar to those in these resources for all impacted by the breach:
Email Sent to Individuals Impacted by Compromised Social Security Number
We are writing to inform you of a recent nation-wide data security incident involving PowerSchool, a platform used by Arlington Public Schools as well as many other school districts throughout the state and country. During this incident, some sensitive information, including your Social Security number, was accessed without authorization. We deeply regret this situation and take the protection of your personal information very seriously.
As soon as we became aware of the breach, we took immediate action to secure the affected systems and launched a thorough investigation in collaboration with PowerSchool and neighboring communities. While we are implementing additional measures to safeguard our data moving forward, we want to ensure that you have the information and resources you need to protect your identity.
Under Massachusetts law, you have the right to obtain any police report filed in regard to this incident. If you are the victim of identity theft, you also have the right to file a police report and obtain a copy of it.
You may also place a security freeze on your credit reports, free of charge. A security freeze prohibits a credit reporting agency from releasing any information from a consumer’s credit report without written authorization. However, please be aware that placing a security freeze on your credit report may delay, interfere with, or prevent the timely approval of any requests you make for new loans, credit mortgages, employment, housing or other services. Under federal law, you cannot be charged to place, lift, or remove a security freeze.
You must place your request for a freeze with each of the three major consumer reporting agencies: Equifax, Experian, and TransUnion. To place a security freeze on your credit report, you may send a written request by regular, certified or overnight mail to the addresses below. You may also place a security freeze through each of the consumer reporting agencies’ websites or over the phone, using the contact information below.
Equifax Security Freeze
P.O. Box 105788
Atlanta, GA 30348
1-800-349-9960
https://www.equifax.com/personal/credit-report-services/
Experian Security Freeze
P.O. Box 9554
Allen, TX 75013
1-888-397-3742
https://www.experian.com/freeze/center.html
TransUnion Security Freeze
P.O. Box 160
Woodlyn, PA 19094
1-888-909-8872
https://www.transunion.com/credit-freeze
In order to request a security freeze, you will need to provide some or all of the following information to the credit reporting agency, depending on whether you do so online, by phone, or by mail:
- Your full name (including middle initial as well as Jr., Sr., II, III, etc.);
- Social Security Number;
- Date of birth;
- If you have moved in the past five (5) years, the addresses where you have lived over the prior five years;
- Proof of current address, such as a current utility bill, telephone bill, rental agreement, or deed;
- A legible photocopy of a government issued identification card (state driver’s license or ID card, military identification, etc.);
- Social Security Card, pay stub, or W2;
- If you are a victim of identity theft, include a copy of either the police report, investigative report, or complaint to a law enforcement agency concerning identity theft.
The credit reporting agencies have one (1) to three (3) business days after receiving your request to place a security freeze on your credit report, based upon the method of your request. The credit bureaus must also send written confirmation to you within five (5) business days and provide you with a unique personal identification number (PIN) or password (or both) that can be used by you to authorize the removal or lifting of the security freeze. It is important to maintain this PIN/password in a secure place, as you will need it to lift or remove the security freeze.
To lift the security freeze in order to allow a specific entity or individual access to your credit report, you must make a request to each of the credit reporting agencies by mail, through their website, or by phone (using the contact information above). You must provide proper identification (including name, address, and social security number) and the PIN number or password provided to you when you placed the security freeze, as well as the identities of those entities or individuals you would like to receive your credit report. You may also temporarily lift a security freeze for a specified period of time rather than for a specific entity or individual, using the same contact information above. The credit bureaus have between one (1) hour (for requests made online) and three (3) business days (for requests made by mail) after receiving your request to lift the security freeze for those identified entities or for the specified period of time.
To remove the security freeze, you must make a request to each of the credit reporting agencies by mail, through their website, or by phone (using the contact information above). You must provide proper identification (name, address, and social security number) and the PIN number or password provided to you when you placed the security freeze. The credit bureaus have between one (1) hour (for requests made online) and three (3) business days (for requests made by mail) after receiving your request to remove the security freeze.
Free Credit Monitoring
PowerSchool will be offering two years of complimentary identity protection services for all students and educators whose information was exfiltrated from your PowerSchool SIS, which will also include two years of complimentary credit monitoring services for all adult students and educators whose information was involved, regardless of whether an individual’s Social Security number was exfiltrated.
Experian, a trusted credit reporting agency, will be helping us to provide these services. Details on how to enroll will be included as part of individual notifications. As the offer is specific to this incident, the details contained in the forthcoming enrollment notification will be required to enroll, and cannot be obtained directly from Experian.
Credit monitoring agencies do not offer credit monitoring services for individuals under the age of 18. If a parent / guardian enrolls an individual under the age of 18 in the offered identity protection services, the individual, upon turning 18, will have the opportunity to enroll in credit monitoring services for the duration of the two-year coverage period.
How to Protect Against Identity Theft in the Wake of a Data Breach
We recommend viewing both the Federal Trade Commission’s comprehensive website on identity theft and the State’s website on reporting and preventing identity theft. These websites provide information on how to place fraud alerts on your credit file, how to review your financial documents for suspicious activity, and other helpful information regarding what to do in the event that your personal identifying information has been compromised.
If you should have any further questions, please contact Matt Coleman at [email protected].
Teacher and Staff Breached Data Statistics
Field Name | Field Description | Percentage of Breached Records Containing Data in this Field |
TEACHERS.ID | Unique identifier for each record. | 99.91% |
TEACHERS.PTAccess | Access permissions for PowerSchool. | 99.91% |
TEACHERS.HomeSchoolId | Identifier for the user's home school. | 99.91% |
TEACHERS.GradebookType | 0 or 1 | 99.91% |
TEACHERS.SchoolID | Identifier for the school. | 99.91% |
TEACHERS.LastFirst | User's name displayed as last name, first name. | 99.91% |
TEACHERS.PSAccess | Access permissions for PowerSchool. | 99.91% |
TEACHERS.Users_DCID | Internal database identifier for the record. | 99.91% |
TEACHERS.Last_Name | User's last name. | 99.91% |
TEACHERS.dcid | Internal database identifier for the record. | 99.91% |
TEACHERS.Status | Current status of the user's staff record (e.g., active, inactive). | 99.91% |
TEACHERS.First_Name | User's first name. | 99.91% |
TEACHERS.StaffStatus | Employment status of the staff member (0-4) | 99.89% |
TEACHERS.Sched_Scheduled | Indicates if the user is being used within the scheduling engine | 99.89% |
TEACHERS.Sched_IsTeacherFree | Indicates if the teacher is free during scheduling. | 99.89% |
TEACHERS.FedEthnicity | 0 or 1 | 99.89% |
TEACHERS.DefaultStudScrn | Default screen displayed for student pages | 99.89% |
TEACHERS.StaffPers_guid | Unique identifier for staff personnel. | 99.89% |
TEACHERS.NumLogins | No longer used by the application. Data may export from this field | 99.89% |
TEACHERS.Group | Group or category the user belongs to | 99.89% |
TEACHERS.Photo | 0 or 1 | 99.89% |
TEACHERS.Sched_MaximumFree | User's title or position at time of record creation | 99.89% |
TEACHERS.Sched_UseHouse | Indicates if house-specific scheduling is used. | 99.89% |
TEACHERS.TeacherNumber | Unique identifier for teachers | 99.39% |
TEACHERS.Title | Teacher Title | 90.56% |
TEACHERS.Ethnicity | internal code for user's self-reported ethnicity (numeric) | 88.54% |
TEACHERS.SIF_StatePrid | State-provided unique identifier. Houses all teacher MEPID Numbers. | 86.25% |
TEACHERS.Email_Addr | User's district-provided email address | 82.39% |
TEACHERS.Middle_Name | User's middle name. | 58.82% |
TEACHERS.NameAsImported | Name as originally imported into the system. | 57.65% |
TEACHERS.TeacherLoginID | Teacher's unique login ID. | 45.03% |
TEACHERS.CanChangeSchool | Indicates if the user can switch between schools in the system. | 35.76% |
TEACHERS.LoginID | User's unique login ID. | 35.65% |
TEACHERS.Log | Log of the user's activities or changes. | 30.20% |
TEACHERS.Homeroom | User's assigned homeroom. | 25.32% |
TEACHERS.School_Phone | Building phone number or specific user's extension | 22.49% |
TEACHERS.Street | User's street address. | 21.39% |
TEACHERS.State | State where the user resides. | 21.33% |
TEACHERS.City | City where the user resides. | 21.33% |
TEACHERS.Zip | User's ZIP code. | 21.13% |
TEACHERS.Home_Phone | User's home phone number | 20.34% |
TEACHERS.Sched_Department | internal code for dept associated with the user's schedule. | 17.72% |
TEACHERS.Sched_Classroom | Classroom associated with the user's schedule. | 14.39% |
TEACHERS.PreferredName | User's preferred name or note left on staff record for state reporting | 8.90% |
TEACHERS.Sched_HouseCode | House associated with the user's schedule. | 5.29% |
TEACHERS.Sched_Team | internal code for team associated with the user's schedule. | 3.91% |
TEACHERS.Sched_Homeroom | Homeroom associated with the user's schedule. | 2.57% |
TEACHERS.HomePage | User's default homepage in the system. | 2.50% |
TEACHERS.Sched_BuildingCode | internal building code associated with the user's schedule. | 1.16% |
TEACHERS.Sched_Lunch | Not Used By District | 0.00% |
TEACHERS.WM_Status | Not Used By District | 0.00% |
TEACHERS.WM_CreateDate | Not Used By District | 0.00% |
TEACHERS.AdminLDAPEnabled | Not Used By District | 0.00% |
TEACHERS.TeacherLoginPW | System Password for PowerSchool SIS Portal; Cannot Be Exported | 0.00% |
TEACHERS.Sched_TotalCourses | Not Used By District | 0.00% |
TEACHERS.WM_CreateTime | Not Used By District | 0.00% |
TEACHERS.SSN | Not Used By District | 0.00% |
TEACHERS.IPAddrRestrict | Not Used By District | 0.00% |
TEACHERS.Sched_UseBuilding | Not Used By District | 0.00% |
TEACHERS.Classpua | Not Used By District | 0.00% |
TEACHERS.NoOfCurClasses | Not Used By District | 0.00% |
TEACHERS.Sched_MaxPreps | Not Used By District | 0.00% |
TEACHERS.WM_Address | Not Used By District | 0.00% |
TEACHERS.WM_StatusDate | Not Used By District | 0.00% |
TEACHERS.TeacherLoginIP | Not Used By District | 0.00% |
TEACHERS.Access | Not Used By District | 0.00% |
TEACHERS.AllowLoginStart | Not Used By District | 0.00% |
TEACHERS.Sched_PrimarySchoolCode | Not Used By District | 0.00% |
TEACHERS.Sched_Substitute | Not Used By District | 0.00% |
TEACHERS.PowerGradePW | Not Used By District | 0.00% |
TEACHERS.Sched_MaxPers | Not Used By District | 0.00% |
TEACHERS.WM_TA_Flag | Not Used By District | 0.00% |
TEACHERS.PeriodsAvail | Not Used By District | 0.00% |
TEACHERS.Balance4 | Not Used By District | 0.00% |
TEACHERS.Balance3 | Not Used By District | 0.00% |
TEACHERS.Password | System Password for PowerSchool SIS Portal; Cannot Be Exported | 0.00% |
TEACHERS.Balance2 | Not Used By District | 0.00% |
TEACHERS.Balance1 | Not Used By District | 0.00% |
TEACHERS.Sched_ActivityStatusCode | Not Used By District | 0.00% |
TEACHERS.supportContact | Not Used By District | 0.00% |
TEACHERS.AllowLoginEnd | Not Used By District | 0.00% |
TEACHERS.Sched_TeacherMoreOneSchool | Not Used By District | 0.00% |
TEACHERS.WM_Alias | Not Used By District | 0.00% |
TEACHERS.TeacherLDAPEnabled | Not Used By District | 0.00% |
TEACHERS.Sched_MaximumDuty | Not Used By District | 0.00% |
TEACHERS.Sched_MaximumConsecutive | Not Used By District | 0.00% |
TEACHERS.Notes | Not Used By District | 0.00% |
TEACHERS.WM_TA_Date | Not Used By District | 0.00% |
TEACHERS.Lunch_ID | Not Used By District | 0.00% |
TEACHERS.Maximum_Load | Not Used By District | 0.00% |
TEACHERS.Sched_Gender | Not Used By District | 0.00% |
TEACHERS.WM_Tier | Not Used By District | 0.00% |
TEACHERS.Sched_MaximumCourses | Not Used By District | 0.00% |
TEACHERS.WM_Exclude | Not Used By District | 0.00% |
TEACHERS.LastMeal | Not Used By District | 0.00% |
TEACHERS.FedRaceDecline | Not Used By District | 0.00% |
TEACHERS.WM_Password | Not Used By District | 0.00% |
Student Breached Data Statistics
Field Name | Field Description | Percentage of Breached Records Containing Data in this Field |
STUDENTS.PhotoFlag | 0 or 1 | 99.99% |
STUDENTS.Student_AllowWebAccess | 0 or 1 | 99.99% |
STUDENTS.Enroll_Status | data is a 0, 1, 2, 3 or 4 | 99.99% |
STUDENTS.Exclude_fr_rank | Data is either true or false. | 99.99% |
STUDENTS.Sched_Scheduled | Data is either true or false. | 99.99% |
STUDENTS.Enrollment_SchoolID | DESE code for the school | 99.99% |
STUDENTS.SchoolID | DESE school identifier number | 99.99% |
STUDENTS.LunchStatus | E, F, P , T, R | 99.99% |
STUDENTS.FedEthnicity | Federal designation of the student’s ethnicity - listed as a number | 99.99% |
STUDENTS.State_EnrollFlag | Not Used By District | 99.99% |
STUDENTS.MembershipShare | Not Used By District | 99.99% |
STUDENTS.EnrollmentID | Number associated to student’s enrollment record. | 99.99% |
STUDENTS.Grade_Level | The current grade level of the student. | 99.99% |
STUDENTS.DistrictEntryGradeLevel | The grade level of the student upon entry into the district. | 99.99% |
STUDENTS.SchoolEntryGradeLevel | The grade level of the student when entering the current school. | 99.99% |
STUDENTS.Student_Number | The unique student number within the district. | 99.99% |
STUDENTS.Log | timestamp on student record | 99.99% |
STUDENTS.Father_StudentCont_guid | Unique ID - random string of numbers | 99.99% |
STUDENTS.Mother_StudentCont_guid | Unique ID - random string of numbers | 99.99% |
STUDENTS.Person_ID | Unique ID - random string of numbers | 99.99% |
STUDENTS.Guardian_StudentCont_guid | Unique ID - random string of numbers | 99.99% |
STUDENTS.dcid | Unique ID - random string of numbers SADID | 99.99% |
STUDENTS.ID | Unique ID - random string of numbers LASID | 99.99% |
STUDENTS.StudentPers_guid | Unique identifier for the student record, long string. | 99.99% |
STUDENTS.StudentPict_guid | Unique identifier for the student’s picture record. Note: students' photos were NOT included in the data breach. | 99.99% |
STUDENTS.EnrollmentCode | 0,1, or 2 | 99.98% |
STUDENTS.Sched_NextYearGrade | Indicates the grade being used within the scheduling engine | 99.98% |
STUDENTS.EntryDate | Date the student entered the school or district. | 99.91% |
STUDENTS.ExitDate | End date of current school year or date the student exited the school/district. | 99.91% |
STUDENTS.Last_Name | The student’s last name | 99.91% |
STUDENTS.First_Name | The student’s first name. | 99.91% |
STUDENTS.LastFirst | The student’s full name in "Last Name, First Name" format. | 99.91% |
STUDENTS.Fee_Exemption_Status | 0, 1, 2, or 3 | 99.87% |
STUDENTS.DOB | The student’s date of birth. | 99.80% |
STUDENTS.ClassOf | The student’s year of graduation | 99.78% |
STUDENTS.Gender | The student’s gender. | 99.75% |
STUDENTS.State | The state where the student resides. | 99.74% |
STUDENTS.City | The city of the student’s residence. | 99.67% |
STUDENTS.Street | The street where the student resides. | 99.66% |
STUDENTS.FTEID | Internal code for school enrollment year | 99.37% |
STUDENTS.Zip | The zip where the student resides. | 99.25% |
STUDENTS.TRANSACTION_DATE | Date stamp | 98.29% |
STUDENTS.StudentSchlEnrl_guid | Unique identifier for the student’s school enrollment record. | 98.20% |
STUDENTS.WHOMODIFIEDTYPE | A, N or X | 96.31% |
STUDENTS.Mailing_City | The city listed on the student’s mailing address. | 96.07% |
STUDENTS.Ethnicity | internal code for the student’s ethnicity as self-reported or recorded. | 95.81% |
STUDENTS.Mailing_State | The state listed on the student’s mailing address. | 94.72% |
STUDENTS.Mailing_Zip | the zip code for where the student resides | 94.59% |
STUDENTS.State_StudentNumber | The unique state-level identifier for the student. | 94.07% |
STUDENTS.Sched_YearOfGraduation | The student’s expected year of graduation. | 93.72% |
STUDENTS.TransferComment | Comments regarding the student’s transfer - lists the school they are coming from or going to | 90.82% |
STUDENTS.Mailing_Street | The street listed on the student’s mailing address. | 87.01% |
STUDENTS.AllowWebAccess | 0 or 1 | 78.92% |
STUDENTS.Middle_Name | the student's middle name | 76.87% |
STUDENTS.Home_Phone | The student’s home phone number. | 76.05% |
STUDENTS.DistrictEntryDate | The date the student first entered the district. | 75.42% |
STUDENTS.Mother | legacy field for parent contact information; not used by district after 2015 | 73.39% |
STUDENTS.WHOMODIFIEDID | internal code for change history | 73.03% |
STUDENTS.Home_Room | For some students, this lists their homeroom as a classroom number or teacher name | 70.29% |
STUDENTS.EntryCode | internal code for student entry within a school year | 70.29% |
STUDENTS.Father | legacy field for parent contact information; not used by district after 2015 | 69.58% |
STUDENTS.DistrictOfResidence | The district where the student resides. | 68.88% |
STUDENTS.Student_Web_ID | User's unique login ID | 68.71% |
STUDENTS.Student_Web_Password | System Password for PowerSchool portals; cannot be exported | 68.19% |
STUDENTS.Web_ID | User's unique login ID | 66.75% |
STUDENTS.Web_Password | Encrypted Password for PowerSchool portals; cannot be exported | 66.59% |
STUDENTS.ExitComment | specifies the school the student is now attending | 64.31% |
STUDENTS.Doctor_Name | The name of the student's primary doctor. | 62.80% |
STUDENTS.Doctor_Phone | The phone number for the student’s doctor. | 61.36% |
STUDENTS.ExitCode | internal code for student exit within a school year | 57.12% |
STUDENTS.SchoolEntryDate | The date the student first entered the current school. | 50.65% |
STUDENTS.Sched_Priority | Indicates student sort order for PowerScheduler use | 45.39% |
STUDENTS.Family_Ident | numerical code | 36.06% |
STUDENTS.Graduated_SchoolID | DESE school code | 31.53% |
STUDENTS.Graduated_SchoolName | Name of the school from which the student graduated. | 31.53% |
STUDENTS.Next_School | The next school the student is expected to attend. | 28.37% |
STUDENTS.Emerg_Contact_1 | legacy field for student emergency contact information; not used by district after 2015 | 24.28% |
STUDENTS.Emerg_Phone_1 | legacy field for student emergency contact information; not used by district after 2015 | 24.21% |
STUDENTS.IP_ADDRESS | last IP address that PS was used from by the student | 23.84% |
STUDENTS.Emerg_Contact_2 | legacy field for student emergency contact information; not used by district after 2015 | 15.56% |
STUDENTS.Emerg_Phone_2 | legacy field for student emergency contact information; not used by district after 2015 | 15.54% |
STUDENTS.Team | Team associated with the student’s schedule | 12.98% |
STUDENTS.Alert_Medical | Indicates if the student has any medical alerts school staff should be aware of (entered by nursing team) | 7.94% |
STUDENTS.SummerSchoolNote | Identifies either school name attended for summer programming or note related to future summer program selection | 6.74% |
STUDENTS.GradReqSetID | internal codes for graduation requirement set | 4.84% |
STUDENTS.Track | Not Used By District | 3.52% |
STUDENTS.Alert_Other | Indicates if the student has any school facing alerts (was used for 504 accommodation data for students who exited before sy2324) | 3.40% |
STUDENTS.SSN | The student’s Social Security Number | 1.97% |
STUDENTS.TuitionPayer | Not Used By District | 1.41% |
STUDENTS.Sched_NextYearTeam | Indicates the team being used within the scheduling engine | 0.95% |
STUDENTS.GuardianEmail | legacy field for parent contact information; not used by district after 2015 | 0.84% |
STUDENTS.Alert_Guardian | Indicates if the student has any guardian alerts (notes field - used for court order information) | 0.63% |
STUDENTS.Sched_NextYearHouse | Indicates the house being used within the scheduling engine | 0.44% |
STUDENTS.Enrollment_Transfer_Info | Note regarding next school expected for transferred students - only found on 6 records | 0.21% |
STUDENTS.Alert_OtherExpires | The date when the other alert expires. | 0.18% |
STUDENTS.Alert_GuardianExpires | The date when the guardian alert expires. | 0.16% |
STUDENTS.Applic_Response_Recvd_Date | Date | 0.15% |
STUDENTS.Applic_Submitted_Date | Not Used By District | 0.15% |
STUDENTS.WM_Address | Not Used By District | 0.15% |
STUDENTS.Alert_Discipline | Indicates if the student has any disciplinary alerts. | 0.11% |
STUDENTS.Locker_Number | The number of the locker assigned to the student. | 0.06% |
STUDENTS.Locker_Combination | The combination for the student’s locker | 0.05% |
STUDENTS.Alert_MedicalExpires | The date for when the medical alert expires | 0.04% |
STUDENTS.GPEntryYear | Not Used By District | 0.03% |
STUDENTS.LastMeal | Not Used By District | 0.02% |
STUDENTS.Alert_DisciplineExpires | The date when the disciplinary alert expires. | 0.02% |
STUDENTS.State_ExcludeFromReporting | Data is either true or false. | 0.01% |
STUDENTS.Sched_NextYearBuilding | Indicates the building being used within the scheduling engine | 0.01% |
STUDENTS.Sched_LockStudentSchedule | Not Used By District | 0.01% |
STUDENTS.CustomRank_GPA | Not used by district; random number on file for one student | 0.01% |
STUDENTS.Lunch_ID | Student PIN for lunch transactions | 0.01% |
STUDENTS.Enrollment_Transfer_Date_Pend | Field used to support student transfer workflows | 0.00% |
STUDENTS.Bus_Route | Not Used By District | 0.00% |
STUDENTS.Phone_ID | Not Used By District | 0.00% |
STUDENTS.Sched_NextYearHomeRoom | Not Used By District | 0.00% |
STUDENTS.Bus_Stop | Not Used By District | 0.00% |
STUDENTS.WM_StatusDate | Not Used By District | 0.00% |
STUDENTS.CampusID | Not Used By District | 0.00% |
STUDENTS.Geocode | Not Used By District | 0.00% |
STUDENTS.Graduated_Rank | Not Used By District | 0.00% |
STUDENTS.TeacherGroupID | Not Used By District | 0.00% |
STUDENTS.WM_TA_Flag | Not Used By District | 0.00% |
STUDENTS.WM_CreateDate | Not Used By District | 0.00% |
STUDENTS.Withdrawal_Reason_Code | Not Used By District | 0.00% |
STUDENTS.Balance4 | Not Used By District | 0.00% |
STUDENTS.Sched_NextYearBus | Not Used By District | 0.00% |
STUDENTS.Building | Not Used By District | 0.00% |
STUDENTS.GuardianFax | Not Used By District | 0.00% |
STUDENTS.PL_Language | Not Used By District | 0.00% |
STUDENTS.Balance1 | Not Used By District | 0.00% |
STUDENTS.SDataRN | Not Used By District | 0.00% |
STUDENTS.Balance2 | Not Used By District | 0.00% |
STUDENTS.LDAPEnabled | Not Used By District | 0.00% |
STUDENTS.Balance3 | Not Used By District | 0.00% |
STUDENTS.Cumulative_GPA | Not Used By District | 0.00% |
STUDENTS.Cumulative_Pct | Not Used By District | 0.00% |
STUDENTS.EnrollmentType | Not Used By District | 0.00% |
STUDENTS.FedRaceDecline | Not Used By District | 0.00% |
STUDENTS.FullTimeEquiv_obsolete | Not Used By District | 0.00% |
STUDENTS.GradReqSet | Not Used By District | 0.00% |
STUDENTS.Mailing_Geocode | Not Used By District | 0.00% |
STUDENTS.Simple_GPA | Not Used By District | 0.00% |
STUDENTS.Simple_PCT | Not Used By District | 0.00% |
STUDENTS.SummerSchoolID | Not Used By District | 0.00% |
STUDENTS.WM_CreateTime | Not Used By District | 0.00% |
STUDENTS.WM_Password | Not Used By District | 0.00% |
STUDENTS.WM_Status | Not Used By District | 0.00% |
STUDENTS.WM_TA_Date | Not Used By District | 0.00% |
STUDENTS.WM_Tier | Not Used By District | 0.00% |
STUDENTS.Sched_LoadLock | Not Used By District | 0.00% |
PowerSchool Cybersecurity Incident Update 2.14.25
Dear PowerSchool User or Parent / Guardian of User:
You are receiving this notice on behalf of Matthew Coleman (the “named individual”) from PowerSchool. As you may know, PowerSchool provides software and services to your current or former school or the current or former school of a person to whom you are a parent or guardian. In compliance with State laws, we are writing to share with you some important information regarding a recent cybersecurity incident involving personal information belonging to the named individual.
What Happened?
On December 28, 2024, PowerSchool became aware of a cybersecurity incident involving unauthorized exfiltration of certain personal information from PowerSchool Student Information System (SIS) environments through one of our community-focused customer support portals, PowerSource.
What Information Was Involved?
Due to differences in customer requirements, the types of information involved in this incident included one or more of the following, which varied by person: name, contact information, date of birth, Social Security Number, limited medical alert information, and other related information. At this time, we do not have evidence that the named individual’s Social Security Number was involved. At this time, we do not have evidence that limited medical alert information for the named individual was involved.
What Are We Doing?
PowerSchool is offering two years of complimentary identity protection services to students and educators whose information was involved. For adult students and educators whose information was involved, this offer will also include two years of complimentary credit monitoring services. If your personal information was involved in this incident and you are interested in enrolling in credit monitoring or identity protection, please follow the steps for either Option 1 or Option 2 below:
As soon as PowerSchool learned of the incident, we engaged cybersecurity response protocols and mobilized senior leadership and third-party cybersecurity experts to conduct a forensic investigation of the scope of the incident and to monitor for signs of information misuse. We are not aware at this time of any identity theft attributable to this incident.
What Can You Do?
You are encouraged to remain vigilant against incidents of identity theft and fraud by reviewing account statements for suspicious activity. PowerSchool will never contact you by phone or email to request your personal or account information. The enclosed “General Information About Identity Theft Protection” provides further information about what steps you can take.
Other Important Information.
If you have any questions or concerns about this notice, please call 833-918-9464, Monday through Friday, 8:00am through 8:00pm Central Time (excluding major US holidays).
Sincerely,
The PowerSchool Team
PowerSchool Update 3.7.25
- The final CrowdStrike Incident Report, which did not identify any new or concerning findings beyond what we have shared;
- Our ongoing engagement with regulators in the United States and Canada;
- The identity monitoring (and credit monitoring, as applicable) that PowerSchool continues to make available to all individuals involved, and
- How PowerSchool has and will continue to strengthen our cybersecurity defenses as we connect the education community with the shared goal of helping students thrive through personalized education.
- The Threat Actor accessed PowerSource, a community-focused customer support portal, using a single compromised credential.
- The Threat Actor’s activities were limited to exfiltration of select PowerSchool SIS instances of Students and Teachers tables.
- CrowdStrike’s Recon+ Intelligence service has not identified any evidence of this exfiltrated information available for sale or download.
- CrowdStrike found no evidence of system-layer access or malware associated with this incident.
- CrowdStrike found no other PowerSchool products were compromised.
- While the PowerSource environment experienced unauthorized activity prior to December, PowerSchool believes that the data exfiltration occurred in late December.
- Experian, our identity protection services provider, has sent email notifications on PowerSchool’s behalf (except those customers who opted out) to both current and former families and educators whose information was involved, and for whom we have available contact information. These notifications will continue as we process on-premise customer information.
- These individual notices are sent from an Experian company, CSIdentity whose domain includes @csid. Please contact your CSM or Support team leader if you have any questions. Neither PowerSchool nor Experian will ever ask you for personal information via email.
- You can share information regarding the available monitoring services to your communities using the form letters provided to you by PowerSchool or the information provided on PowerSchool’s website.
- Information on how to enroll in identity and credit monitoring is posted on PowerSchool’s website (for the U.S. and Canada). We encourage you and your communities to take advantage of the monitoring being offered.
- PowerSchool has extended the sign-up deadline for Experian’s services from May 31, 2025, to July 31, 2025.
- Required that 100% of PowerSchool employees and contractors utilize SSO, MFA, VPN, and VDI for any hardware or resource that accesses customer data – including PowerSource;
- Invested in physical security measures including fingerprint and facial recognition authentication for all PowerSchool employees and contractors;
- Implemented rigorous technical audits of all access to customer data to validate and reinforce our security framework, including shortening the time-windows for authorized maintenance to reduce the risk of improper access; and,
- Limited the number of SIS instances a single account can log into during a 24-hour period.
- Establishing a new Customer Security Advisory Council, which will provide a forum for in-depth security reviews, industry collaboration, and best practice sharing.
- Developing a security rubric to help districts assess not only PowerSchool’s security commitment but also their own infrastructure and third-party systems.
- Continuing our long-standing security protocols, including adherence to global standards (such as ISO 27100), product-level governance (including SOC II audits), and monitoring via our Security Operations Center, which currently maintains 24x7x365 coverage against cybersecurity threats. You can learn more about our security process and policies here.
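The per-account limit on SIS instance logins within a 24-hour period, described in the update above, can be expressed as a sliding-window check over login events. This is an added example, not PowerSchool's or the district's code; the log format, the account and instance names, and the limit of 2 are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample login events (not real data).
# Assumed format: <UTC timestamp> <account> <SIS instance>
SAMPLE_LOG = """\
2025-01-06T09:00:00Z support-01 sis-alpha
2025-01-06T09:10:00Z teacher-22 sis-alpha
2025-01-06T09:30:00Z support-01 sis-bravo
2025-01-06T10:00:00Z support-01 sis-charlie
2025-01-06T15:00:00Z support-01 sis-alpha
2025-01-07T09:45:00Z support-01 sis-charlie
2025-01-07T10:00:00Z support-01 sis-delta
"""

WINDOW = timedelta(hours=24)


def parse_line(line):
    """Split one log line into (datetime, account, instance)."""
    ts, account, instance = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), account, instance


def find_denied_logins(log_text, max_instances, window=WINDOW):
    """Apply a per-account cap on distinct SIS instances per rolling window.

    A login is denied when it would give the account more than
    `max_instances` distinct instances inside the window. Denied logins are
    not recorded, because the session never started. Repeat logins to an
    instance already in the window are always allowed.
    Returns the denied events as (iso_timestamp, account, instance) tuples.
    """
    events = sorted(parse_line(l) for l in log_text.splitlines() if l.strip())
    recent = defaultdict(deque)  # account -> deque of (timestamp, instance)
    denied = []
    for ts, account, instance in events:
        history = recent[account]
        # Drop logins that have aged out of the rolling window.
        while history and ts - history[0][0] >= window:
            history.popleft()
        seen = {inst for _, inst in history}
        if instance not in seen and len(seen) + 1 > max_instances:
            denied.append((ts.isoformat(), account, instance))
            continue
        history.append((ts, instance))
    return denied


if __name__ == "__main__":
    for ts, account, instance in find_denied_logins(SAMPLE_LOG, max_instances=2):
        print(f"DENY {ts} {account} -> {instance}")
```

The same function can run in report-only mode over historical logs to see which accounts would have hit the cap before it is enforced.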