PowerSchool Cyber Incident
PowerSchool CyberSecurity Incident
Update: January 9, 2024
What happened?
On Tuesday, January 7, PowerSchool, our student information system provider, informed us of cybersecurity incident on their systems that may have affected all PowerSchool customers. Utah Schools for the Deaf and the Blind (USDB) uses PowerSchool student information system to store education records about district students.
January 8, we attended a webinar with PowerSchool and confirmed that our system was affected. It appears that unauthorized access was gained to our student information system.
This breach involves PowerSchool’s systems and platforms, and is not the result of USDB’s systems and security procedures.
What was affected?
While we are still assessing the full extent of the breach, we believe the intruders accessed both student and teacher data. The teacher data includes basic information like ID, name, email, and title. The student data includes demographic details such as:
- student ID
- Utah state student ID
- name
- birthdate
- current school ID
- current school enrollment dates
- grade
- locker number
- locker combination
- current lunch balance
- home and mailing address
- guardian name and contact information
- emergency contact information
- free and reduced meal status
- medical alerts
Social security numbers were not involved and USDB does not store any social security numbers in PowerSchool.
What we are doing?
USDB IT staff have confirmed that the threat has been contained, and the intruder no longer has access to our system.
PowerSchool is working with cybersecurity experts from CrowdStrike to investigate further. We expect to have more information over the next two weeks and will provide updates if and when we receive additional information.
PowerSchool will be providing credit/identity monitoring services to affected individuals.
At this time, we do not believe any other systems within USDB were affected.
