By Hank Russell
An estimated 10 school districts reportedly experienced data breaches last month and their software solution provider said it is looking into the problem.
According to various news reports, PowerSchool, an educational cloud-based software provider headquartered in Folsom, California, announced it experienced a data breach on December 28, 2024, affecting some Long Island schools. Among the school districts that were affected were Glen Cove, Hicksville, Jericho, Lynbrook, Massapequa, Middle Country, Nassau BOCES and Uniondale. It was also reported that the Social Security numbers and medical information of its users — which is comprised of teachers, students and parents — were exposed.
PowerSchool posted this announcement on its website: “On December 28, 2024, we became aware of a potential cybersecurity incident involving unauthorized access to certain PowerSchool Student Information System (SIS) information through one of our community-based portals, PowerSource.
“PowerSchool is not experiencing, nor does it expect to experience, any operational disruption and continues to provide services as normal to our customers. We have no evidence that other PowerSchool products were affected as a result of this incident or that there is any malware or continued unauthorized activity in the PowerSchool environment,” the company stated.
Long Island Life & Politics reached out to PowerSchool to confirm the news reports. A spokesperson replied, “Because of our ongoing investigation, we are not sharing specifics around the number of districts and schools we believe were involved. We are in communication with those customers directly and are supporting them through the next steps.”
In response to the data breach, the spokesperson said, “We care deeply about the students, teachers, and families we serve and are wholeheartedly committed to supporting them. We are working to complete our investigation of the incident and are coordinating with districts and schools to provide more information and resources (including credit monitoring or identity protection services if applicable) as it becomes available.”