Kansas districts affected by massive PowerSchool data breach

January 21, 2025

Parents in much of the country have become accustomed to using an online platform called “PowerSchool” to keep up with their children’s grades, but that platform was recently the subject of a massive data breach, affecting the data of more than 50 million students across the country.

Multiple districts across Kansas were affected, including Andover, Buhler, Haysville and Rose Hill public schools.

The PowerSchool hack compromised student and staff personal data

This was brought to the attention of the Kansas State Board of Education by Olathe resident Patty Lanter who said student data breaches affect the “safety, privacy and future of our children in Kansas.”

Lanter noted that academic and disciplinary records are “in the hands of third party corporations,” when districts use platforms such as PowerSchool.

KWCH-TV reported that, in Andover, at least, the breach did not seem to include data such as financial information, social security numbers, or photographs.

However, according to USA Today, schools were not notified for more than two weeks after the breach — and contrary to what Andover said, social security numbers may well have been obtained.

“Names, addresses, birth dates and Social Security numbers were among the information hackers obtained using a user’s credentials to log into a customer service portal,” USA Today reported.

According to the outlet, the federal government says cyberattacks and online threats “are an increasingly significant and widespread problem” for schools in the U.S., and the nonprofit K12 Security Information Exchange claims that between 2016 and 2022, there were 1,619 cyber incidents striking K-12 schools across the country.

PowerSchool hacked on December 19, 2024

The breach apparently began on Dec. 19, 2024, and ended nine days later on Dec. 28. Hackers appear to have used a PowerSchool remote support tool to access the data of an unknown number of districts.

PowerSchool Holdings Inc. serves over 60 million students and 18,000 customers in almost 100 countries around the world.

“As soon as we learned of the incident, we immediately engaged our cybersecurity response protocols and mobilized a cross-functional response team, including senior leadership and third-party cybersecurity experts,” the company said in a statement on Monday.

Industry site TechCrunch said the breach involved significant amounts of student information.

“PowerSchool hasn’t said how many of its school customers are affected,” TechCrunch reported. “However, two sources at affected school districts — who asked not to be named — told TechCrunch that the hackers accessed troves of personal data belonging to both current and former students and teachers.

“‘In our case, I just confirmed that they got all historical student and teacher data,’ the person at one affected school district told TechCrunch. The person added that while PowerSchool said the hackers had access to its data from late December, the district’s logs show that the attackers had gained access earlier.”

TechCrunch said another source — who works at a district with almost 9,000 students — told the outlet that the attackers accessed “demographic data for all teachers and students, both active and historical, as long as we’ve had PowerSchool.”

PowerSchool apparently told TechCrunch — and the affected districts — that it has taken “appropriate steps” to prevent the stolen data from being published and said it “believes the data has been deleted without any further replication or dissemination,” according to the outlet.

However, TechCrunch also reports that the company “did not provide specifics on what steps it took, and declined to say what evidence the company had to suggest that the stolen data had been deleted.”