Breach

The recent breach of PowerSchool, a widely used student and teacher management software platform, is a stark reminder of the precarious state of cybersecurity in the U.S. education sector.

Despite lacking evidence suggesting any security breach, HPE has moved to implement its cyber response protocols while deactivating related credentials.

Infiltration of Wolf Haldenstein's systems facilitated the compromise of individuals' full names, Social Security numbers, employee identification numbers, medical diagnoses, and medical claim details, none of which has been misused so far, said the law office in a data breach notice detailing that investigation into the extent of the breach only concluded early last month.

While major German manufacturer Covestro confirmed having its U.S. logistics server's data impacted by the Clop hack, leading U.S. car rental firm Hertz, Western Alliance Bank, and Arrow Electronics disclosed the lack of any evidence suggesting that their respective systems have been compromised as a result of the incident.

All FBI devices leveraging the agency's AT&T public safety service were noted by a document and officials close to the matter to have been impacted by the incident, which was previously reported to have compromised nearly 109 million customers' call detail records from 2022.

All demographic information belonging to students and teachers dating back to a school district with almost 9,000 pupils' initial installation of PowerSchool have also been accessed as a result of the hack, according to a source close to the matter, who noted PowerSchool's lack of multi-factor authentication and other standard security defenses.

Investigation into the incident revealed that Avery's website had been compromised with a credit card skimmer that enabled the exfiltration of individuals' names, billing and shipping addresses, phone numbers, email addresses, payment card details, and purchase amounts inputted in the website between July 18 and December 9.