Thousands of school districts in the US use the software system, Power School, as a tool to manage student and teacher information. Over 60 million students have data stored with this software. This past December the system was hacked causing disruption for many school districts across the country.

Using stolen credentials a hacker or group was able to access large amounts of personal information through the customer support portal.

At least two anonymous school districts have confirmed that even historical data has been stolen from former students, as well as current.

TechCrunch states that, “PowerSchool have told TechCrunch that hackers accessed ‘all’ of their historical student and teacher data.” From some commentary by RootED’s executive chief, the article continues that, “some school districts are reporting the number of affected students in the range of four- to 10-times higher than the number of actively enrolled students in their district.”

Another source claimed that data has been stolen even prior to December. On top of this, it has been found that school districts which only formerly used PowerSchool have also been affected by this breach.

Some accusations claim that PowerSchool failed to implement basic software protection, such as multi-factor authentication. When TechCrunch reached out to a PowerSchool spokesperson, she answered that their software did have MFA but did not make any further comment.

The scale of this data breach remains unknown, although multiple school districts have disclosed their effects, and more continue to do so as well.

To prevent such disaster, secure the data under your charge with multi-factor authentication. Contact us to find out how GreenRADIUS can provide this safety for your customers and your team.