Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label PowerSchool. Show all posts
PowerSchool
AWS Data Breach LummaC2 malware MFA PowerSchool

PowerSchool Data Breach Exposes Millions

 


An American education technology company, PowerSchool, is the latest giant to fall a victim of hacking and data breaches, which probably compromised millions of records of students and teachers in North America. As one of the leading providers of school records management software, PowerSchool serves 18,000 schools who manage data over 60 million students.


How the breach happened

The compromise was discovered on December 28 and was traced to a subcontractor's account. The new report said, however, that another incident of hacking-a compromise of the access of a PowerSchool software engineer-may have had something to do with the breach. Malware infected the engineer's computer and exfiltrated login credentials for internal systems, such as Slack, AWS, and other tools.

According to the logs retrieved by researchers, the infostealing malware known as LummaC2 was used to steal the engineer's passwords. The malware extracted saved passwords and browsing histories from the web browsers of the engineer and uploaded them to a server run by cybercriminals. The stolen credentials were shared in cybercrime groups, which further exposed PowerSchool's systems. 


What Data Was Stolen?

The hackers accessed a range of sensitive personal information, including:  

  • Social Security numbers  
  •  Student grades and demographics  
  •  Medical information  
  •  Parental access details, such as restraining orders  
  •  Records of students’ medication schedules  

School districts impacted by the breach reported that the attackers stole all historical data stored in PowerSchool’s systems.  

The lack of multi-factor authentication (MFA) on a compromised maintenance account was one key vulnerability. PowerSchool has implemented MFA and reset passwords across its customer support portal. Many of the employee credentials discovered were weak and have been exposed in other breaches.

The breach, which has underlined the threats of infostealing malware in hybrid work setups where employees operate company systems using personal devices, has left much to be expected from PowerSchool.


Response and Investigation

PowerSchool, the company concerned, is reportedly working with a cybersecurity firm named CrowdStrike for the investigation into the incident. According to them, no signs of malware have been found neither has any sign of system-layer access. But they are analyzing the stolen data.


Effects on Schools

Many school districts are operating independently to gauge the scope of the breach, relying on collective knowledge from other administrators. As the investigation continues, there are questions about PowerSchool's security measures and how it managed this extensive breach. 

Schools, parents, and educators are urged to be vigilant and ensure additional layers of security are put in place to prevent future incidents.


Read more »
United States
Data Breach Data Privacy K-12 Schools PowerSchool United States

PowerSchool Breach Compromises Student and Teacher Data From K–12 Districts

 

PowerSchool, a widely used software serving thousands of K–12 schools in the United States, has suffered a major cybersecurity breach.

The Breach has left several schools worried about the potential exposure of critical student and faculty data. With over 45 million users relying on the platform, the breach raises serious concerns about data security in the United States' educational system. 

PowerSchool is a cloud-based software platform used by several schools to manage student information, grades, attendance, and contact with parents. The breach reportedly occurred through one of its customer support portals, when fraudsters gained unauthorised access using compromised credentials. 

Magnitude of the data breach

According to PowerSchool, the leaked data consists mainly of contact details such as names and addresses. However, certain school districts' databases might have included more sensitive data, such as Social Security numbers, medical information, and other personally identifiable information.

The company has informed users that the breach did not impact any other PowerSchool products, although the exact scope of the exposure is still being assessed. 

"We have taken all appropriate steps to prevent the data involved from further unauthorised access or misuse," PowerSchool said in response to the incident, as reported by Valley News Live. “We are equipped to conduct a thorough notification process to all impacted individuals.”

Additionally, the firm has promised to keep helping law enforcement in their efforts to determine how the breach occurred and who might be accountable.

Ongoing investigation and response 

Cybersecurity experts have already begun to investigate the hack, and both PowerSchool and local authorities are attempting to determine the exact scope of the incident. 

As the investigation continues, many people are pushing for stronger security measures to protect sensitive data in the educational sector, especially as more institutions rely on cloud-based systems for day-to-day activities. 

According to Valley News Live, PowerSchool has expressed their commitment to resolving the situation, saying, "We are deeply concerned by this incident and are doing everything we can to support the affected districts and families.”
Read more »
Subscribe to: Posts (Atom)