U.S. education technology provider PowerSchool suffered a significant breach with over 60 million students' personal information compromised. The attackers accessed the school information system through the PowerSource support portal using previously obtained support credentials. Despite a CrowdStrike forensic investigation revealing previous network infiltration, PowerSchool has yet to disclose the full extent of the data breach or confirm its knowledge of earlier intrusions.
Source: https://www.scworld.com/brief/powerschool-data-breach-preceded-by-months-long-systems-compromise
TPRM report: https://scoringcyber.rankiteo.com/company/powerschool-group-llc
"id": "pow538031125",
"linkid": "powerschool-group-llc",
"type": "Breach",
"date": "3/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '60 million students',
'industry': 'Education',
'location': 'United States',
'name': 'PowerSchool',
'type': 'Education Technology Provider'}],
'attack_vector': 'Stolen Credentials',
'data_breach': {'number_of_records_exposed': '60 million',
'type_of_data_compromised': ['Personal Information']},
'description': 'U.S. education technology provider PowerSchool suffered a '
"significant breach with over 60 million students' personal "
'information compromised. The attackers accessed the school '
'information system through the PowerSource support portal '
'using previously obtained support credentials. Despite a '
'CrowdStrike forensic investigation revealing previous network '
'infiltration, PowerSchool has yet to disclose the full extent '
'of the data breach or confirm its knowledge of earlier '
'intrusions.',
'impact': {'data_compromised': ['Personal Information'],
'systems_affected': ['School Information System',
'PowerSource Support Portal']},
'investigation_status': 'Ongoing',
'references': [{'source': 'CrowdStrike Forensic Investigation'}],
'response': {'third_party_assistance': ['CrowdStrike']},
'title': 'PowerSchool Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Support Credentials'}