Students in the Haines school district, and their parents, are among the millions nationwide who were caught up in a data breach of educational technology provider PowerSchool. 

The company warned school districts across the country last week that sensitive information had been exposed by hackers in December and later confirmed for customers that it paid a ransom for the destruction of the stolen data. 

PowerSchool, a California based company, is the largest cloud-based education software provider in the U.S. according to its website. According to the company, its software supports more than 50 million students. 

Haines Superintendent Roy Getchell said he should have more specifics about the breach by Jan. 17, but that his understanding is that it could include anything that is normally included on a registration form. 

The district’s latest enrollment form includes student name, address, gender, social security number, birthday, and birthplace as well as parent and guardian information and emergency contact names and contact information, in addition to medical conditions and needed medications.  

The company sent the school district an email saying the breach had happened through one of its support portals, PowerSource. The company assured the district that its other records, like a portal housing special education records, were not compromised, according to the email. 

The company confirmed details of the attack first published by Lawrence Abrams’ news outlet Bleeping Computer which detailed a wide-ranging breach of student and teacher databases which could contain names and addresses, as well as social security numbers, medical information and grades. The company confirmed in an FAQ for its customers that the breach was part of a ransomware attack and that it had paid a ransom to prevent the data from being released. 

Chatham School District Superintendent Ralph Watkins said Wednesday that his district also uses PowerSchool products but was informed that its students –  including those at the Klukwan School – were not impacted by the breach. 

Author