On January 7, 2025, we were informed by PowerSchool of a cybersecurity incident affecting their system. PowerSchool reported that on December 28, 2024, they discovered unauthorized access to certain information through one of their customer support portals, PowerSource. An unauthorized party gained access to some PowerSchool Student Information System (SIS) customer data using a compromised credential. This is a nationwide issue affecting many school districts.

The compromised data primarily included demographic information such as names, addresses, phone numbers, email addresses, student ID numbers, birthdates, and staff ID numbers. Student health alerts and custodial alerts were included if they were part of the student's demographic data. Importantly, the data did not include passwords, credit card information, legal documents used during student registration, student health records or details (beyond the alerts), or other educational or personnel information about students or staff. In a previous system, student SSN data was collected and that data was migrated to PowerSchool. As a result, around 60 current and former staff members and over 2000 former students had their social security numbers compromised.

PowerSchool notified us of the incident on January 7, 2025. We then immediately activated our cybersecurity response team upon notification. The team assessed the extent of the data breach and identified any impacted individuals. At this point, we notified our community on January 9, 2025, given the significance and potential impact

PowerSchool discovered the incident on December 28, 2024, but notified us on January 7, 2025. We are disappointed with this delay and have communicated our concerns to PowerSchool. We will continue to demand greater transparency and timely communication in the future.

• Cybersecurity Response Team: We activated our cybersecurity response team immediately upon notification.

• Assessment: We worked with PowerSchool to assess the extent of the data breach and identify any impacted individuals.

• Data Protection: We have ensured that systems are secured and all SSNs have been removed from the PowerSchool system.

• Communication: We are committed to keeping our community informed. We have sent multiple communications and will continue to provide updates as necessary. Individuals whose SSNs were compromised were notified directly.

• Follow-up: We continue to investigate the situation with PowerSchool to understand the full scope of the breach and its impact, and we continue to closely monitor for any suspicious activity within our systems.

PowerSchool has provided their own updates regarding the data breach. PowerSchool has reported that the data breach has been contained. PowerSchool has reported that it “engaged our cybersecurity response protocols and mobilized a cross-functional response team, including senior leadership and third-party cybersecurity experts. We have also informed law  enforcement.” PowerSchool has stated that the incident is contained, and they have no evidence of ongoing unauthorized activity. They believe the downloaded data has been destroyed.

PowerSchool has also indicated they will provide:

• Credit monitoring services to affected adults

• Identity protection services to affected minors

While we do not have direct control over the security of third-party vendors like PowerSchool, we are actively monitoring and implementing measures on our end to minimize any potential impact moving forward:

• We have removed SSN information for all teachers, students, and families in the PowerSchool system.

• We will continue to vet our software products to ensure they have student data privacy agreements in place; PowerSchool did have a signed agreement.

We encourage those affected to remain vigilant. Here are some steps you can take:

• Monitor for Suspicious Activity: Be watchful for any suspicious emails, phone calls, or text messages requesting personal information.

• Review Financial Statements: Carefully review your bank and credit card statements for any unauthorized activity.

• Credit Monitoring: Consider placing a fraud alert or credit freeze on your credit report with the major credit bureaus (Equifax, Experian, and TransUnion). You can do this by contacting each bureau directly or through the Annual Credit Report website (annualcreditreport.com).

• Identity Theft Protection: Consider enrolling in an identity theft protection service.

• Resources:

  • Identity Theft Resource Center: 1-888-596-8229 | https://www.identitytheft.gov/

  • Federal Trade Commission (FTC): https://consumer.ftc.gov/

You can contact us by email at pshelp@mursd.org or call your school’s office.