Image by Seen, from Unsplash
PowerSchool Cyberattack Compromises Millions Of Student Records Across U.S. Schools
- Written by Kiara Fabbri Former Tech News Writer
- Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor
Hackers breached the systems of PowerSchool, an ed-tech company serving over 50 million students in the U.S.
In a Rush? Here are the Quick Facts!
- Hackers accessed historical student and teacher data in PowerSchool’s December cyberattack.
- Data stolen includes names, addresses, Social Security numbers, and academic records.
- Affected districts report inadequate security measures, like no multi-factor authentication.
The attack, as first reported on Wednesday by TechCrunch , compromised historical student and teacher data from multiple school districts. Occurring in December, it exploited stolen credentials to breach the company’s customer support portal, exposing sensitive information.
Affected school districts revealed the breach’s extensive scope. One district confirmed that “all historical student and teacher data” was accessed, while another district with nearly 9,000 students reported that demographic data for current and former staff and students was compromised, as reported by TechCrunch.
Some districts noted inadequate security measures, such as the absence of multi-factor authentication. PowerSchool has yet to disclose the number of impacted schools, said TechCrunch.
Beth Keebler, a company spokesperson, stated that the affected schools and districts have been identified but declined to share their names publicly to TechCrunch. The company is still determining which individuals’ data may have been accessed and did not provide evidence for its claim that the stolen data has been deleted.
However, in a statement provided to TechCrunch on Tuesday, PowerSchool suggested that most affected customers did not have sensitive data compromised.
Moreover, TechCrunch reports that Menlo Park City School District in California confirmed that data dating back to the 2009-2010 school year had been accessed. Rancho Santa Fe School District, another California district, disclosed that teachers’ login credentials were also compromised.
Mark Racine, CEO of education technology consultancy RootED Solutions, warned that the breach impacts not only PowerSchool’s 18,000 active customers but also former clients, as noted by TechCrunch.
He said that affected student numbers in some districts are up to ten times higher than currently enrolled students, reflecting the long-term data retention involved.
Criticism of PowerSchool’s security practices has mounted, with some districts accusing the company of neglecting basic protections, as reported by TechCrunch.
PowerSchool stated to TechCrunch it has implemented measures to prevent further incidents but has not elaborated on its response or the effectiveness of its actions.
A PowerSchool’s spokesperson told Newsweek : “We have identified the schools and districts whose data was involved in this incident, notified them directly and will be providing updates as we support them through next steps.’’
“PowerSchool is in the process of rolling out a plan in which we will offer to notify individuals whose personal information was involved on our customers’ behalf. We will also be providing credit monitoring or identity protection services if applicable,” the spokesperson added.
As investigations continue, affected districts are taking steps to inform staff and students about the breach while evaluating the long-term implications for their communities.
Photo by Soragrit Wongsa on Unsplash
Bluesky Is Developing a New Photo-Sharing App Called Flashes
- Written by Andrea Miliani Former Tech News Expert
- Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor
The decentralized platform Bluesky is developing a photo-sharing app called “Flashes.” The new platform is not public yet, but a beta version will be released next week.
In a Rush? Here are the Quick Facts!
- Bluesky is developing a new photo-sharing platform called Flashes
- A beta version of the platform will be released next week and will run under the AT Protocol
- Developers expect to attack user fleeing TikTok, Instagram, Threads and Facebook, although many have complained about the new platform’s name
According to TechCrunch’s report , Flashes will also run under AT Protocol—the same as Bluesky but not ActivityPub, used by other platforms like Mastodon and Threads and the dominant framework in the fediverse . It will also compete with Pixelfed, another decentralized photo-sharing app, running under the ActivityPub protocol.
[image or embed] — Flashes App 📱 ( @flashesapp.bsky.social ) January 15, 2025 at 6:34 PM
Flashes expect to attract some of those users migrating from TikTok or deleting their Instagram, Threads, and Facebook accounts after Zuckerberg announced that Meta will end its fact-checking program and other policy changes.
The new Berlin-based platform is based on Bluesky’s codebase developed by its client Skeets—led by developer Sebastian Vogelsang. “I thought about the idea of having one base social graph and then having just different apps pick from that graph whatever they want to display,” Vogelsang told TechCrunch.
The developer explained that Flashes, even though it won’t be an Instagram clone, could be an attractive way to get more users connected to Bluesky, especially those who never considered themselves a “Twitter person.” Those who post on Flashes will also show on Bluesky and both platforms will share similar conditions: up to four photos per post, and a maximum of 1-minute videos.
Many users on Bluesky have shared their opinions on the new upcoming social media platform. “This is cool but Flashes is an all-time bad name,” said one user . “Given the type of photo that’s popular here, Flashes is the perfect name,” added another .
Decentralized apps are gaining more advocates as their leaders make decisions that challenge traditional platforms. Mastodon’s CEO will soon transfer ownership to a non-profit organization , setting the app apart from one-person-led business models like Elon Musk’s X and Mark Zuckerberg’s Meta.
