Dozens of K-12 school districts in the U.S. and Canada had the personal data of teachers and students compromised following a cyberattack against PowerSchool's student information system that was initially discovered in late December, BleepingComputer reports.
PowerSchool officials said the hacking of its PowerSource customer support portal via stolen credentials let threat actors infiltrate a maintenance access tool that allowed entry to SIS instances and the eventual exfiltration of sensitive data. The stolen data included names and addresses, as well as personally identifiable information, Social Security numbers, medical details, and grades.
Despite claiming that the breach did not impact customer credentials and forum information, PowerSchool admitted to having provided the demanded ransom to avert data exposure.
"PowerSchool engaged the services of CyberSteward, a professional advisor with deep experience in negotiating with threat actors," said the firm. "With their guidance, PowerSchool has received reasonable assurances from the threat actor that the data has been deleted and that no additional copies exist."