PowerSchool Cybersecurity Incident
What is PowerSchool?
PowerSchool is a K-12 software provider that runs the most commonly used student information system (SIS) in U.S. schools. Galena City School District uses their SIS to house all of our student records.
Cybersecurity Incident Timeline & Latest Report
December 28, 2024
PowerSchool became aware of a cybersecurity incident involving their SIS environment, which impacted the data of potentially 50 million students across the United States, including Galena.
January 7th, 2025
PowerSchool later shared specifics in a release: their systems had been the target of a cybersecurity incident that resulted in an unauthorized user exfiltrating data from the Students and Teachers tables for some PowerSchool SIS customers. They immediately took the corrective measures necessary to contain the incident, began notifying relevant regulatory agencies on behalf of their customers (where applicable) as well as students and educators whose data was involved, and provided credit and identity monitoring services to the individual students and educators.
Friday, March 7, 2025
PowerSchool shared closing updates on:
- The final CrowdStrike Incident Report, which did not identify any new or concerning findings beyond what was previously shared;
- Ongoing engagement with regulators in the United States and Canada;
- The identity monitoring (and credit monitoring, as applicable) that PowerSchool continues to make available to all individuals involved; and
- How PowerSchool has strengthened and will continue to strengthen their cybersecurity defenses as they connect the education community with the shared goal of helping students thrive through personalized education.
CrowdStrike Incident Report
Immediately after PowerSchool became aware of the incident, CrowdStrike was engaged to conduct an investigation into the incident. PowerSchool made available a CrowdStrike interim fact sheet in mid-January, and with the investigation complete, they are now sharing the final incident report.
What PowerSchool is Offering
On January 17th, PowerSchool secured two years of complimentary identity protection for all students and educators involved where such services are available through Experian, regardless of whether an individual’s social security number was exfiltrated. They also made available two years of credit monitoring for involved students and educators in the United States and Canada who are eligible for credit monitoring services. To further support your communities with these resources, please note:
- Experian, PowerSchool’s identity protection services provider, has sent email notifications on PowerSchool’s behalf (except for those customers who opted out) to both current and former families and educators whose information was involved, and for whom we have available contact information. These notifications will continue as we process on-premise customer information.
- These individual notices are sent from an Experian company, CSIdentity, whose domain includes @csid. Please contact GCSD’s Office of Technology if you have any questions. Neither PowerSchool nor Experian will ever ask you for personal information via email.
- You can share information regarding the available monitoring services to your communities using the form letters provided to you by PowerSchool or the information provided on PowerSchool’s website.
- Information on how to enroll in identity and credit monitoring is posted on PowerSchool’s website (for the U.S. and Canada). We encourage all of our GCSD families and staff to take advantage of the monitoring being offered.
- PowerSchool has extended the sign-up deadline for Experian’s services from May 31, 2025, to July 31, 2025.