Dozens of K-12 school districts in the U.S. and Canada had their students' and teachers' personal data compromised following a cyberattack against major global education software provider PowerSchool's student information system initially discovered in late December, BleepingComputer reports.
Infiltration of PowerSchool's PowerSource customer support portal via stolen credentials enabled threat actors to access a maintenance access tool enabling entry to SIS instances and the eventual exfiltration of data such as names and addresses, as well as personally identifiable information, Social Security numbers, medical details, and grades, according to PowerSchool. Despite emphasizing that the breach did not impact customer credentials and forum information, PowerSchool admitted to having provided the demanded ransom to avert data exposure. "PowerSchool engaged the services of CyberSteward, a professional advisor with deep experience in negotiating with threat actors. With their guidance, PowerSchool has received reasonable assurances from the threat actor that the data has been deleted and that no additional copies exist," said the firm.
