Data breach hitting PowerSchool looks very, very bad
Parents, students, teachers, and administrators throughout North America are smarting from what could be the biggest data breach of 2025: an intrusion into the network of a cloud-based service storing detailed data of millions of pupils and school personnel.
The hack, which came to light earlier this month, hit PowerSchool, a Folsom, California firm that provides cloud-based software to some 16,000 K–12 schools worldwide. The schools serve 60 million students and employ an unknown number of teachers. Besides providing software for administration, grades, and other functions, PowerSchool stores personal data for students and teachers, with much of that data including social security numbers, medical information, and home addresses.
On January 7, PowerSchool revealed that it had experienced a network intrusion two weeks earlier that resulted in the “unauthorized exportation of personal information” customers stored in PowerSchool’s Student Information System (SIS) through PowerSource, a customer support portal. Information stolen included individuals’ names, contact information, dates of birth, medical alert information, Social Security Numbers, and unspecified “other related information.”
