In February, the recent EDTECH GIANT POWERSCHOOL hack can be one of the biggest violations of the year.
PowerSchool provided K-12 software to more than 18,000 schools to support about 60 million students in North America as a whole, and confirmed violations in early January. California -based companies, which Bain Capital acquired by Bain Capital for $ 5.6 billion, can be more accessible to the school information system, PowerSchool SIS, using a compromised information that hackers violate customer support portals. I said. , Attendance and registration.
“On December 28, 2024, we have noticed a potential cyber security case including unauthorized access to specific PowerSchool Sis information through PowerSource, one of the customer portals that focus on the community.”
PowerSchool is open on some aspects of violations. Keebler told TechnoCrunch, for example, that the PowerSource portal did not support multi -factor authentication at the time of the case while PowerSchool did. However, many important questions remain unsuited.
TechCrunch has sent a remarkable list of questions on PowerSchool on a case that could affect millions of Keebler in the United States. He stated that all updates related to violations were posted on the company's incident page. On January 29, the company said it had begun notification to individuals affected by violations and state regulatory authorities.
PowerSchool told customers that it would share an incident report from CROWDSTRIKE by mid -January. However, the source of the information affected by the violation said that TechCrunch has not yet received it.
The company's customers have many unexplored questions and are forced to cooperate to investigate those affected by violations.
Here are some questions that have not been answered.
I don't know how many schools or students are affected
TechCrunch has heard from a school affected by PowerSchool violations that its scale may be “large -scale”. However, PowerSchool repeatedly refused to say how many schools and individuals would be affected by TechnicCrunch, despite the fact that the school and districts involved in this case were identified. 。
Quoting multiple information sources reported that the briefing computer has accessed the personal data of more than 62 million students and 9.5 million teachers with PowerSchool violations. PowerSchool repeatedly refused to confirm that this number is accurate.
PowerSchool does not give a number, but the recent submission to the company's state prosecutor suggests that millions of people have been stolen in violation. For example, in the submission to Texas Bagle, PowerSchool confirmed that almost 800,000 states have been stolen data.
Communication from the infringed school district gives a general idea of violation. The Toronto District Board of Education (TDSB), the largest Board of Education, Canada, which provides services to about 240,000 students every year, has accessed about 40 years of student data by hacker. He stated that the student data was filmed for violation. Similarly, the school district of Menro Park, California, has information about all current students and staff (approximately 2,700 students and 400 staff members) and information on students and staff members and staff. I confirmed that I accessed it.
I still don't know what kind of data was stolen
Not only do you know how many people are affected, but you don't know how much data accessed during the violation.
In a communication shared with customers at the beginning of January when TechCrunch saw, the company confirmed that hackers had stolen “sensitive personal information” from students and teachers, such as student performance, attendance, and population statistics. 。 The company's incident page states that stolen data may contain social security numbers and medical data, but “expanded to specific individuals due to differences in customer requirements. The information has changed throughout the customer base. “
TechCrunch also has heard that several schools affected by the case have compromised the data of historical students and teachers.
One of the affected school districts includes information about the right of parent access to children, such as inhibitory orders, and information about when a specific student needs to take medicine. He told TechCrunch that it contains very sensitive student data.
The sources of talking to TechnicCrunch in February are that PowerSchool offers the “SIS Self -Service” tools that are affected by the “SIS Self -Service” tools that query and summarize the customer data of PowerSchool. Was revealed. But PowerSchool told the affected schools that the tool may not be accurately reflected at the time of the case.
It is unknown whether PowerSchool has its own technical means such as logs to determine which type of data has been stolen from a specific school district.
PowerSchool does not say how much he has paid to the hacker who is responsible for the violation
PowerSchool told TechCrunch that the organization had taken “appropriate measures” so that the stolen data was not disclosed. Communications shared with customers confirmed that they cooperated with a cyber exposure incident company to negotiate with a threat actor who is responsible for violation.
This confirms that PowerSchool paid a ransom for attackers who infringed the system. However, when asked by TechCrunch, the company refused to say how much it paid or how much hacker demanded.
I don't know what evidence that PowerSchool was deleted to have been deleted
PowerSchool's Keebler told TechCrunch, “I do not expect data to be shared or published,” and said, “I believe that the data has been deleted without duplication or dissemination.”
However, the company repeatedly refused to say evidence received to suggest that the stolen data was deleted. According to the initial report, the company received a video certificate, but PowerSchool did not confirm or deny it when asked by Techniccrunch.
Still, the proof of deletion is not a guarantee that hackers do not yet have data. The recent takedown of the UK Rock Bit Ransomwear Gang discovered evidence that gang still had data belonging to the victims paid for ransom.
I still don't know who was behind the attack
One of the biggest unknowns about PowerSchool's cyber attack is who is responsible. The company has been in contact with the hacker, but refused to clarify their identity if they were known. Cyber Steward, a Canadian incident organization that PowerSchool cooperated for negotiations, did not respond to TechnaCrunch questions.
The results of the crowdstrike survey remain mysterious
PowerSchool cooperates with the incident -compatible company CROWDSTRIKE to investigate violations. PowerSchool customers have reported that security companies will be announced on January 17. However, the report has not been published yet, and the affected school district told TechCrunch that he had never seen a report yet. Crowdstrike refused to comment when asked by Techniccrunch.
CrowDstrike released a provisional report in January, but I saw TechCrunch, but did not include new details about violations.
Do you have more information about PowerSchool data infringement? We look forward to your contact. From a device other than work, you can contact the Carly page safely at+44 1536 853968 signal, or you can contact you by e -mail by Carly.page@techcrunch.com.