Millions of student and teacher records are exposed due to PowerSchool data breach.
Globally, over 60 million students and teachers utilize PowerSchool.
Cybercriminals do not discriminate between industries, attacking sectors such as health care, insurance, automotive, and education. Health care has been a popular target, with incidents like the Ascension breach in 2020 and the CVR incident in late 2024.
Millions of student and teacher records have been stolen from PowerSchool, the latest education technology giant to be targeted.
The extent of the breach is alarming, although the exact number of affected individuals is unknown.
PowerSchool serves 18,000 customers worldwide, including schools in the U.S. and Canada, and manages the records of over 60 million K-12 students and teachers.
How did hackers target PowerSchool
On January 7, PowerSchool announced a cybersecurity breach to its customers, as reported by BleepingComputer. The company stated that they discovered the breach on December 28, when customer data from their PowerSchool SIS platform was stolen through the PowerSource support portal.
Using stolen credentials, hackers gained access to the PowerSource portal and utilized an "export data manager" tool to steal student information from PowerSchool SIS, which is used for managing grades, attendance, enrollment, and other student records.
The company stated that the breach was not caused by ransomware or software errors, but was a result of a network break-in. A third-party cybersecurity firm has been hired to investigate the incident, determine its cause and identify the affected parties.
What data got stolen
The attacker stole a CSV file containing the PowerSchool SIS "students" and "teachers" database tables after exploiting the feature that allows PowerSchool engineers to access customer systems for support and troubleshooting through the PowerSource portal.
While PowerSchool confirmed that the stolen data mainly consists of contact information such as names and addresses, for some districts it may also include sensitive information like Social Security numbers, personally identifiable information, medical records, and grades.
The company stated that customer support tickets, credentials, and forum data were not accessed or stolen during the breach. PowerSchool emphasized that not all SIS customers were affected and only a subset of customers will need to notify those affected.
The developer informed customers that they do not expect the data to be shared or made public and believe it has been deleted without any further replication or dissemination.
"We have deactivated the compromised credential, restricted access to the affected portal, conducted a full password reset, and tightened password and access control for all PowerSource customer support portal accounts."
PowerSchool announced that affected adults will receive free credit monitoring, while minors will get subscriptions to an unspecified identity protection service.
5 ways you can stay safe from the PowerSchool data breach
The PowerSchool data breach underscores the need to be cautious with your personal information. Here are five actions you can take to safeguard yourself:
1. Regularly monitor your accounts: Keep a close eye on your bank accounts, credit cards, and any online services linked to your personal information. Watch for unauthorized transactions or changes to your accounts that could signal misuse of your data.
2. Consider placing a credit freeze with major credit bureaus like Equifax, Experian and TransUnion if your Social Security number or other sensitive details were compromised. This prevents potential identity thieves from opening new accounts in your name.
3. Utilize PowerSchool's identity protection services to safeguard your identity in the event of a breach. These services can notify you of any suspicious activity and offer assistance if your identity is compromised. Identity protection services offer up to $1 million in identity theft insurance to cover losses and legal fees, as well as a white glove fraud resolution team with a U.S.-based case manager to help you recover any losses. Check out my tips and best picks for protecting yourself from identity theft.
4. Enable two-factor authentication (2FA) for your online accounts wherever possible. This enhances security by requiring a second verification method, such as a text code or app-generated token, to access your accounts.
5. Be cautious of phishing links and ensure you have robust antivirus software: Cybercriminals frequently use phishing attacks to take advantage of data breaches. Avoid clicking on questionable links in emails or text messages, particularly those that claim to be from PowerSchool or your school district. To ensure your safety from malicious links, install antivirus software on all your devices. This software not only protects against viruses but also alerts you to phishing emails and ransomware scams, safeguarding your personal information and digital assets. Here are my top picks for the best 2025 antivirus protection for Windows, Mac, Android, and iOS devices.
Kurt’s key takeaway
PowerSchool shares responsibility for the breach, as it failed to adequately protect sensitive data. The company may also be in violation of data privacy agreements and federal and state laws. What's more concerning is that PowerSchool took nearly two weeks to notify its customers about the breach, leaving schools scrambling to assess the full extent of the intrusion. This delay is not just irresponsible; it puts students, parents, and teachers at heightened risk of cyberattacks and identity theft.
Should companies like PowerSchool face stricter regulations for handling sensitive data? Share your thoughts by writing to Cyberguy.com/Contact.
Copyright 2025 CyberGuy.com. All rights reserved.