Breach Notifications

PowerSchool Cyber Security Incident Update (1/17/2024)

PowerSchool has provided the following update regarding identity/credit monitoring services:
 

Identity Protection & Credit Monitoring Services

PowerSchool will be offering two years of complimentary identity protection services for all students and educators whose information was involved and will also be offering two years of complimentary credit monitoring services for all adult students and educators whose information was involved. We are doing this regardless of whether an individual’s Social Security Number was exfiltrated.

 

PowerSchool has engaged Experian, a trusted credit reporting agency, to provide these services. Starting in the next few weeks, PowerSchool will coordinate with Experian to provide notice on behalf of our customers to students (or their parents/guardians if the student is under 18) and educators whose information was exfiltrated from their PowerSchool SIS.

 

We will continue to keep you informed and share updates as we receive new information.

 

Thank you for your understanding and partnership during this time.

 

For additional information, please visit: https://www.powerschool.com/security/sis-incident/ 

Previous Notifications:

PowerSchool Cybersecurity Incident (1/7/2025)

 

We are writing to inform you about a cybersecurity incident involving PowerSchool, the vendor for our Student Information System (SIS).

 

On Tuesday, January 7, 2025, we were notified that on December 28, 2024, PowerSchool discovered unauthorized access to certain data through their customer support platform.

 

PowerSchool has confirmed that data from Wolcott Public Schools was part of the breach, along with data from numerous other school districts across the U.S. and Canada. According to PowerSchool, the breach has been contained, and compromised credentials have been deactivated. They have engaged a cybersecurity firm to ensure that the accessed data has not been shared or made public. During an informational webinar held on January 8, 2025, PowerSchool executives assured customers that they strongly believe the stolen data has been deleted and that no additional copies exist.

 

PowerSchool informed us that the taken data (for both active and inactive students/staff) primarily includes parent and student contact information with data elements such as name and address information. Across their customer base, they have determined that for a portion of individuals, some personally identifiable information (PII), such as social security numbers (SSN) and medical information, was impacted. They are working with urgency to complete their investigation and determine whether PII belonging to our students was included.

 

PowerSchool will provide further updates in the coming days. We take the privacy and security of our students, faculty, staff, and families very seriously and are monitoring PowerSchool’s response closely. We are committed to holding them accountable to their promises of transparency, privacy, and security.

 

We will continue to keep you informed and share updates as we receive new information.

 

Thank you for your understanding and partnership during this time.

 

For additional information, please visit: https://www.powerschool.com/security/sis-incident/