U.S. edtech big PowerSchool has confirmed that 16,000 college students in the UK had private and delicate knowledge stolen throughout a December 2024 data breach.
This week, PowerSchool started notifying people exterior of the U.S. and Canada who had been affected by the breach. The incident, first confirmed by PowerSchool in January, noticed hackers entry the private knowledge of tens of millions of scholars and lecturers after utilizing compromised credentials to breach the corporate’s buyer help portal.
PowerSchool hasn’t confirmed what number of worldwide college students have been affected. Nevertheless, in an emailed assertion to information.killnetswitch, PowerSchool spokesperson Beth Keebler confirmed that 4 faculties within the U.Okay. had been affected, with hackers accessing the info of “roughly 16,000 college students.”
In a letter despatched to impacted people exterior of the U.S. and Canada, seen by information.killnetswitch, PowerSchool mentioned that knowledge accessed consists of college students’ contact info, dates of start, restricted medical knowledge, and “different associated info”.
Keebler advised information.killnetswitch that “the knowledge exfiltrated for any given particular person various throughout our buyer base.” PowerSchool declined to call the U.Okay. faculties impacted by the incident.
On the corporate’s incident web page, which was offline on the time of publication, PowerSchool famous that it could not offer credit score monitoring companies to data breach victims exterior of the U.S. and Canada.
Lucy Milburn, a spokesperson for the U.Okay.’s Data Commissioner’s Workplace (ICO), advised information.killnetswitch that it had not obtained a data breach report from PowerSchool.
Keeber confirmed the corporate had not filed a data breach report back to the ICO, claiming that it’s because PowerSchool “doesn’t act as a knowledge controller” — a company that determines the aim and technique of processing private knowledge — below U.Okay. knowledge safety regulation.
information.killnetswitch has reached out to the ICO with additional questions on PowerSchool’s declare.
PowerSchool has not but confirmed the entire variety of people affected by the December breach, regardless of telling information.killnetswitch that it had “recognized the colleges and districts whose knowledge was concerned on this incident.”
In accordance with stories, the breach impacted the private and delicate knowledge of greater than 62 million college students and 9.5 million lecturers. PowerSchool has repeatedly declined to substantiate whether or not this quantity is correct, however on its web site the corporate says its know-how is utilized by greater than 60 million college students.
Do you’ve gotten extra details about the PowerSchool data breach? We’d love to listen to from you. From a non-work system, you may contact Carly Web page securely on Sign at +44 1536 853968 or through electronic mail at carly.web page@techcrunch.com.
