U.S. edtech large PowerSchool has confirmed that 16,000 college students in the UK had private and delicate information stolen throughout a December 2024 information breach.
This week, PowerSchool started notifying people exterior of the U.S. and Canada who have been affected by the breach. The incident, first confirmed by PowerSchool in January, noticed hackers entry the non-public information of hundreds of thousands of scholars and lecturers after utilizing compromised credentials to breach the corporate’s buyer help portal.
PowerSchool hasn’t confirmed what number of worldwide college students have been affected. Nonetheless, in an emailed assertion to TechCrunch, PowerSchool spokesperson Beth Keebler confirmed that 4 colleges within the U.Okay. have been affected, with hackers accessing the information of “roughly 16,000 college students.”
In a letter despatched to impacted people exterior of the U.S. and Canada, seen by TechCrunch, PowerSchool mentioned that information accessed contains college students’ contact info, dates of start, restricted medical information, and “different associated info”.
Keebler advised TechCrunch that “the knowledge exfiltrated for any given particular person various throughout our buyer base.” PowerSchool declined to call the U.Okay. colleges impacted by the incident.
On the corporate’s incident page, which was offline on the time of publication, PowerSchool famous that it will not offer credit score monitoring providers to information breach victims exterior of the U.S. and Canada.
Lucy Milburn, a spokesperson for the U.Okay.’s Info Commissioner’s Workplace (ICO), advised TechCrunch that it had not acquired an information breach report from PowerSchool.
Keeber confirmed the corporate had not filed an information breach report back to the ICO, claiming that it is because PowerSchool “doesn’t act as an information controller” — a corporation that determines the aim and technique of processing private information — underneath U.Okay. information safety regulation.
TechCrunch has reached out to the ICO with additional questions on PowerSchool’s declare.
PowerSchool has not but confirmed the overall variety of people affected by the December breach, regardless of telling TechCrunch that it had “recognized the faculties and districts whose information was concerned on this incident.”
In keeping with reports, the breach impacted the non-public and delicate information of greater than 62 million college students and 9.5 million lecturers. PowerSchool has repeatedly declined to verify whether or not this quantity is correct, however on its web site the corporate says its expertise is utilized by greater than 60 million college students.
Do you’ve gotten extra details about the PowerSchool information breach? We’d love to listen to from you. From a non-work system, you may contact Carly Web page securely on Sign at +44 1536 853968 or through e mail at carly.page@techcrunch.com.
About The Author
