TechCrunch reports that numerous U.S. school districts disclosed having all data from current and former students and faculty members compromised following the December cyberattack against global education software provider PowerSchool's student information system (SIS).
All demographic information belonging to students and teachers dating back to a school district with almost 9,000 pupils' initial installation of PowerSchool have also been accessed as a result of the hack, according to a source close to the matter, who noted PowerSchool's lack of multi-factor authentication (MFA) and other standard security defenses.
Assertions about the lack of MFA were refuted by Beth Keebler, a PowerSchool spokesperson, who pointed out customer differences in SIS-stored information and data-retention policies.
