The repercussions of the breach have been widespread, impacting a total of 6,505 school districts globally, with notable institutions such as the Toronto District School Board and the Dallas Independent School District among the hardest hit.

PowerSchool, a California-based education technology company, disclosed a significant data breach that occurred on December 28, 2024, affecting student and staff data across the U.S. and Canada.

The breach was executed by an unidentified hacker who accessed PowerSchool's Student Information System using stolen credentials.

The Toronto District School Board revealed that hackers accessed sensitive data spanning 40 years, affecting parents, students, and alumni.

While PowerSchool claims that the stolen data has been deleted, they have not provided evidence to confirm this, leaving uncertainty about the hackers' possession of the data.

PowerSchool has not disclosed whether a ransom was paid to the hackers, nor the amount demanded, despite their engagement with an incident response company during the negotiations.

PowerSchool serves over 60 million students across more than 18,000 schools globally, highlighting the extensive impact of this breach.

In California, the Menlo Park City School District reported that approximately 14,000 individuals, including current students and staff, have been affected since the 2009-2010 school year.

Compromised information includes personal details such as medical histories, home addresses, phone numbers, and notes regarding student discipline.

At least four class action lawsuits have been filed against PowerSchool, alleging negligence that has impacted over 60 million teachers and students.

In response to the breach, PowerSchool has committed to providing free credit monitoring services for those affected, with notifications expected by the end of January 2025.

Concerns have been raised regarding PowerSchool's cybersecurity practices, particularly the absence of multi-factor authentication on the compromised PowerSource system prior to the breach.