#powerschool — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #powerschool, aggregated by home.social.
-
https://www.europesays.com/news/26625/ All students, staff may be affected by Canvas breach in Needham #Canvas #CanvasBreach #college #Cybersecurity #CybersecurityIncident #DanGutekanst #DataBreach #datum #district #EmailAddresses #GradebookData #Headlines #information #Instructure #MassSuperintendent #Massachusetts #may #Needham #NeedhamPublicSchools #News #PowerSchool #staff #student #students #thursday #TopStories #UnauthorizedActivity #WCVB
-
#Cyberattack hits #Canvas system used by thousands of schools as #finals loom
By HEATHER HOLLINGSWORTH
Updated 11:19 PM EDT, May 7, 2026Excerpt: "Connolly said the Canvas attack is strikingly similar to a breach at #PowerSchool, which also offers learning management tools [#LMS]. In that case a Massachusetts college student was charged.
"Connolly described #ShinyHunters as a loose affiliation of teenagers and young adults based in the U.S. and the United Kingdom. The group also has been tied to a other attacks, including one aimed at #LiveNation’s #Ticketmaster subsidiary."
#CanvasLMS #Instructure #CanvasPlatform #Cyberattack #CanvasSoftware #Education #Technology #Databreach
-
This won't be the end of this controversy, but a California court did not dismiss claims against Bain Capital over the PowerSchool data breach. In considering the timeline and the private equity firm's actions before and after its acquisition of PowerSchool in 2024, the court noted, in part:
"Post-closing, Bain directed PowerSchool to offshore cybersecurity, engineering, and IT functions to contractors, including offshoring required data-management tools that enabled vendors to bypass consent protocols and access protected school district computers directly.
Bain failed to assess data-breach risks from the offshoring it directed.
Post-closing, Bain directed layoffs of at least 5% of PowerSchool’s workforce, including critical domestic IT staff."
Read more from Womble Bond Dickinson at https://www.womblebonddickinson.com/us/insights/alerts/unprecedented-private-equity-firm-potentially-hook-portfolio-companys-data-breach
h/t, JDSupra, The National Law Review
#EdTech #Liability #negligence #PowerSchool #BainCapital #hackandleak
-
Earlier today, Matthew Lane, the 19-year old from Massachusetts who confessed to hacking a telecom and #PowerSchool, was sentenced to 4 years in prison, 3 years supervised release after that, $14M in restitution, and forfeiture of $160k.
#EduSec #cybersecurity #ShinyHunters #G0retrance #databreach
-
NEW: PowerSchool hit by Salesloft Drift campaign, but hackers claim that there is no risk of harm or ransom
#PowerSchool #EduSec #EdTech #Salesloft #Salesforce #cybersecurity #databreach
-
Texas Attorney General Ken Paxton has filed a lawsuit against PowerSchool over its massive 2024 data breach. The lawsuit claims that PowerSchool violated both the Texas Deceptive Trade Practices Act and the Identity Theft Enforcement and Protection Act by misleading customers about its security practices and failing to take reasonable measures to protect sensitive information entrusted by Texas families and school districts.
Lawsuit: https://www.texasattorneygeneral.gov/sites/default/files/images/press/PowerSchool%20Petition.pdf
h/t, Click2Houston
-
"To the extent that COPPA could be deemed to create an agency relationship between schools and parents, the scope of any such agency should be strictly limited to the parental notice-and-consent process addressed by that legislation, and should not be extended to any other contractual terms, including arbitration." This would not be nearly as concerning if everyone wasn't so provenly bad at securing their systems and the data within, despite the "We Are Very Good At Privacy And Security, Actually" statements on their websites. #EdTech #COPPA #FERPA #PowerSchool #SIS #AI
-
Oh wait, never mind. As it turns out #EdTech have asserted that schools can consent to privacy agreements on behalf of parents and students so we're not even involved. Good stuff. Probably not a good sign for them that even the FTC disagrees with this very skewed reading of #COPPA and #FERPA legislation 🤔 https://edtech.law/cases/nonconsensual-student-data-mining-powerschool-and-ixl-learning/ #PowerSchool #SIS #AI
-
Guess I should ask school about this too 🤷♂️ #PowerSchool #SIS #AI
-
Hey US parents with kids attending K-12 schools that use #PowerSchool as their #SIS, did you notice this year's big new feature is PowerBuddy the friendly #AI chat bot? Great right? 😱
My first question for it was "How do I opt out of all the AI things?" (Because I know you likely already unknowingly mishandled student data) and was told to reach out to school admin staff for help. Classy move to outsource product privacy support to your customers, I'm sure schools appreciate it too.
-
And the Privacy Commissioner has discontinued its investigation into PowerSchool. They say they’re satisfied with the company’s response and commitment to safety measures.
https://www.cbc.ca/news/canada/toronto/federal-privacy-watchdog-discontinuing-student-data-breach-investigation-1.7591131
- - -
Et le Commissaire à la vie privée a interrompu son enquête de PowerSchool. Il dit être satisfait des réponses de la compagnie et de son engagement dans les mesures de sécurité.https://www.priv.gc.ca/fr/nouvelles-du-commissariat/nouvelles-et-annonces/2025/nr-c-20250722/
-
So they wouldn't have committed without that "engagement?"
#PowerSchool #EduSec #databreach
"We take your privacy and security very seriously... when we have to," admitted no entity, ever.
-
19-Year-Old Admits to PowerSchool Data Breach Extortion https://hackread.com/19-year-old-admits-powerschool-data-breach-extortion/ #Cybersecurity #CyberAttack #PowerSchool #CyberCrime #databreach #Extortion #Educaton #Ransom
-
19-Year-Old Admits to PowerSchool Data Breach Extortion – Source:hackread.com https://ciso2ciso.com/19-year-old-admits-to-powerschool-data-breach-extortion-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #CyberAttack #PowerSchool #CyberCrime #DataBreach #Extortion #Educaton #Hackread #Ransom
-
Toronto School Board Hit with Extortion Demand After PowerSchool Data Breach https://thecyberexpress.com/powerschool-data-breach-leads-tdsb-extortion/ #TorontoDistrictSchoolBoard #PowerSchooldatabreach #TheCyberExpressNews #ransomwareattack #TheCyberExpress #DataBreachNews #RansomwareNews #TDSBDataBreach #FirewallDaily #PowerSchool #CyberNews #Extortion
-
PowerSchool, the cloud platform provider providing services to school boards across Canada & the US has confirmed that even though a ransom has been paid to the cybercriminals holding the data ransom & received assurances that the data was destroyed, the criminals have returned demanding for more money as they have not actually destroyed the data.
This unfortunately highlights the biggest risk when it comes to paying ransom for data destruction, threat actors can always come back demanding for more once they realize exactly how valuable the data is.
www.thestar.com/news/gta/student-data-obtained-in-a-cyberattack-on-gta-school-boards-was-supposed-to-be-destroyed/article_cf2901bb-3fcc-4f84-ad7b-32399076b7e5.html
#infosec #PowerSchool #PowerSchoolHack #ransom #TDSB #YRDSB #PDSB #Toronto #YorkRegion #PeelRegion #Ontario #Canada -
PowerSchool, the cloud platform provider providing services to school boards across Canada & the US has confirmed that even though a ransom has been paid to the cybercriminals holding the data ransom & received assurances that the data was destroyed, the criminals have returned demanding for more money as they have not actually destroyed the data.
This unfortunately highlights the biggest risk when it comes to paying ransom for data destruction, threat actors can always come back demanding for more once they realize exactly how valuable the data is.
www.thestar.com/news/gta/student-data-obtained-in-a-cyberattack-on-gta-school-boards-was-supposed-to-be-destroyed/article_cf2901bb-3fcc-4f84-ad7b-32399076b7e5.html
#infosec #PowerSchool #PowerSchoolHack #ransom #TDSB #YRDSB #PDSB #Toronto #YorkRegion #PeelRegion #Ontario #Canada -
PowerSchool, the cloud platform provider providing services to school boards across Canada & the US has confirmed that even though a ransom has been paid to the cybercriminals holding the data ransom & received assurances that the data was destroyed, the criminals have returned demanding for more money as they have not actually destroyed the data.
This unfortunately highlights the biggest risk when it comes to paying ransom for data destruction, threat actors can always come back demanding for more once they realize exactly how valuable the data is.
www.thestar.com/news/gta/student-data-obtained-in-a-cyberattack-on-gta-school-boards-was-supposed-to-be-destroyed/article_cf2901bb-3fcc-4f84-ad7b-32399076b7e5.html
#infosec #PowerSchool #PowerSchoolHack #ransom #TDSB #YRDSB #PDSB #Toronto #YorkRegion #PeelRegion #Ontario #Canada -
PowerSchool, the cloud platform provider providing services to school boards across Canada & the US has confirmed that even though a ransom has been paid to the cybercriminals holding the data ransom & received assurances that the data was destroyed, the criminals have returned demanding for more money as they have not actually destroyed the data.
This unfortunately highlights the biggest risk when it comes to paying ransom for data destruction, threat actors can always come back demanding for more once they realize exactly how valuable the data is.
www.thestar.com/news/gta/student-data-obtained-in-a-cyberattack-on-gta-school-boards-was-supposed-to-be-destroyed/article_cf2901bb-3fcc-4f84-ad7b-32399076b7e5.html
#infosec #PowerSchool #PowerSchoolHack #ransom #TDSB #YRDSB #PDSB #Toronto #YorkRegion #PeelRegion #Ontario #Canada -
PowerSchool, the cloud platform provider providing services to school boards across Canada & the US has confirmed that even though a ransom has been paid to the cybercriminals holding the data ransom & received assurances that the data was destroyed, the criminals have returned demanding for more money as they have not actually destroyed the data.
This unfortunately highlights the biggest risk when it comes to paying ransom for data destruction, threat actors can always come back demanding for more once they realize exactly how valuable the data is.
www.thestar.com/news/gta/student-data-obtained-in-a-cyberattack-on-gta-school-boards-was-supposed-to-be-destroyed/article_cf2901bb-3fcc-4f84-ad7b-32399076b7e5.html
#infosec #PowerSchool #PowerSchoolHack #ransom #TDSB #YRDSB #PDSB #Toronto #YorkRegion #PeelRegion #Ontario #Canada -
PowerSchool is under investigation by the Privacy Commisionner after breach affecting student information.
https://www.cbc.ca/news/canada/privacy-commissioner-powerschool-investigation-1.7457446
- - -
PowerSchool est sous enquête par le Commissaire à la vie privée après une brèche touchant les données d’élèves.// Article en anglais //
-
The Toronto District School Board, [...], said in January that the addresses, health card numbers, emergency contacts and some medical information of more than 1.49 million students may have been stolen.
presumably this links the names of children to their addresses
PowerSchool was aware as of Dec 28
The federal watchdog knew about it on Jan 20
I learned about it 47 days after PowerSchool knew about it; I hope the parents were notified sooner than this.
Private organizations subject to the Personal Information Protection and Electronic Documents Act are required to alert the privacy commissioner of any breach involving personal information that could harm the affected individuals. They must also inform the affected individuals.
-
The Toronto District School Board, [...], said in January that the addresses, health card numbers, emergency contacts and some medical information of more than 1.49 million students may have been stolen.
presumably this links the names of children to their addresses
PowerSchool was aware as of Dec 28
The federal watchdog knew about it on Jan 20
I learned about it 47 days after PowerSchool knew about it; I hope the parents were notified sooner than this.
Private organizations subject to the Personal Information Protection and Electronic Documents Act are required to alert the privacy commissioner of any breach involving personal information that could harm the affected individuals. They must also inform the affected individuals.
-
The Toronto District School Board, [...], said in January that the addresses, health card numbers, emergency contacts and some medical information of more than 1.49 million students may have been stolen.
presumably this links the names of children to their addresses
PowerSchool was aware as of Dec 28
The federal watchdog knew about it on Jan 20
I learned about it 47 days after PowerSchool knew about it; I hope the parents were notified sooner than this.
Private organizations subject to the Personal Information Protection and Electronic Documents Act are required to alert the privacy commissioner of any breach involving personal information that could harm the affected individuals. They must also inform the affected individuals.
-
The Toronto District School Board, [...], said in January that the addresses, health card numbers, emergency contacts and some medical information of more than 1.49 million students may have been stolen.
presumably this links the names of children to their addresses
PowerSchool was aware as of Dec 28
The federal watchdog knew about it on Jan 20
I learned about it 47 days after PowerSchool knew about it; I hope the parents were notified sooner than this.
Private organizations subject to the Personal Information Protection and Electronic Documents Act are required to alert the privacy commissioner of any breach involving personal information that could harm the affected individuals. They must also inform the affected individuals.
-
The Toronto District School Board, [...], said in January that the addresses, health card numbers, emergency contacts and some medical information of more than 1.49 million students may have been stolen.
presumably this links the names of children to their addresses
PowerSchool was aware as of Dec 28
The federal watchdog knew about it on Jan 20
I learned about it 47 days after PowerSchool knew about it; I hope the parents were notified sooner than this.
Private organizations subject to the Personal Information Protection and Electronic Documents Act are required to alert the privacy commissioner of any breach involving personal information that could harm the affected individuals. They must also inform the affected individuals.
-
Here's another Canadian school that had decades of student data caught up in the PowerSchool breach:
Wellington Catholic District School Board:
https://www.wellingtonadvertiser.com/cybersecurity-breach-involves-29-years-of-catholic-school-board-data/ -
From what I've read elsewhere, PowerSchool paid the ransom and watched the hackers "delete the data" live on a videoconference. Uh huh, yeah sure, the data was deleted 🙄
PowerSchool breach worse than thought, company says "all" student and teacher data accessed
https://www.techradar.com/pro/security/powerschool-breach-worse-than-thought-company-says-all-student-and-teacher-data-accessed#databreach #powerschool #k12education #k12sysadmin #k12schools #education #studentprivacy #infosec
-
US school districts affected by PowerSchool's December breach confirm hackers accessed “all” historical student & teacher data. PowerSchool holds records for 50M+ US students. #DataBreach #PowerSchool #CyberSecurity #StudentData #PrivacyConcerns #EdTech #TechNews
-
Some folks may get confused by PowerSchool saying that if they have medical records on students, they may have to notify under HIPAA.
Most student medical/health records are not covered under HIPAA. They are covered under FERPA.
If the district is billing the student's health insurance for services like speech therapy, physical therapy, or occupational therapy, then there's a HIPAA issue. Or if the school has arrangements with an actual clinic that is providing medical/health services to students. But most things like doctor's absence notes or even allergy action plans or school medication orders are not under HIPAA.
If the district has a health plan for employees that it administers, there's also a HIPAA issue there.
-
Lawsuit Accuses #PowerSchool of Selling #StudentData to 3rd Parties - Business Insider
A lawsuit accuses Bain Capital's PowerSchool of trafficking in student data. The #edtech giant says everything it does is legal.
#baincapital #education #school #privacy
