Massive PowerSchool Data Breach Exposes Personal Information of 16,000 UK Students

PowerSchool Network Breach: Hacker Infiltrated System Months Ahead of December Security Collapse

In a shocking development, a significant data breach involving the U.S. edtech powerhouse PowerSchool has come to light. Following a detailed forensic investigation by the renowned cybersecurity firm CrowdStrike, it has been revealed that unauthorized access to PowerSchool’s systems occurred months before the major breach reported in December 2024.

Details of the PowerSchool Data Breach

In a letter addressed to affected customers, PowerSchool confirmed that unauthorized activity had been detected prior to December 2024. The investigation traced this activity back to at least August 2024, indicating a longer period of vulnerability than previously understood.

Timeline of Unauthorized Access

PowerSchool identified that the unauthorized access occurred between December 19 and December 28, 2024. However, CrowdStrike’s findings indicate that hackers exploited compromised support credentials to infiltrate PowerSchool’s network from August 16 to September 17, 2024. These same credentials were utilized during the December breach, highlighting a critical lapse in security protocols.

  • Initial unauthorized access: August 16, 2024 – September 17, 2024
  • Detected unauthorized access: December 19 – December 28, 2024

Implications of the Findings

CrowdStrike emphasized that while they could not definitively link the earlier activity to the December breach, the evidence suggests that the incident might have been avoidable if the compromised credentials had been addressed sooner. The report pointed out that PowerSchool’s log data did not extend far enough to provide a complete picture.

PowerSchool’s spokesperson, Beth Keebler, remained tight-lipped when questioned about the company’s awareness of the earlier access. This lack of transparency raises further concerns among customers and stakeholders.

The Impact of the Breach

One of the most pressing questions surrounding the PowerSchool breach is the scope of the incident. Reports indicate that the personal information of over 60 million students may have been compromised. However, PowerSchool has consistently refrained from disclosing the exact number of affected individuals, leaving many in the dark about the potential ramifications of this breach.

READ ALSO  Newly Discovered Android Vulnerabilities Exploited in Student Phone Hack: What You Need to Know

For those seeking more information on cybersecurity best practices and how to protect sensitive data, consider visiting Cybersecurity & Infrastructure Security Agency (CISA) or exploring our related articles on data protection here.

Similar Posts

DeepSeek Data Breach: Sensitive Chat Histories and Internal Database Exposed!

DeepSeek Data Breach: Sensitive Chat Histories and Internal Database Exposed!

Bysupport

Chinese AI company DeepSeek recently faced a cybersecurity crisis due to a critical vulnerability in an unsecured back-end database that leaked sensitive information, including user chat histories and API keys. Discovered by security researchers from Wiz, the database was accessible without a password, exposing over a million unencrypted logs. DeepSeek swiftly took the database offline after being alerted. However, it remains uncertain if unauthorized access occurred prior to its removal. This incident underscores the need for improved database security practices, particularly for rapidly growing tech companies like DeepSeek, which has gained popularity since its launch in December.

Trump Administration Makes Controversial Move: Dismisses Cybersecurity Review Board Members in 'Shortsighted' Decision

Trump Administration Makes Controversial Move: Dismisses Cybersecurity Review Board Members in ‘Shortsighted’ Decision

Bysupport

On January 21, 2021, the Department of Homeland Security (DHS) announced the termination of its advisory committees, including the Cyber Security Review Board (CSRB), raising cybersecurity concerns. Experts criticized the decision, highlighting its shortsightedness amid ongoing cyber threats from China. A CSRB member warned that halting the board’s review could jeopardize national security. The DHS cited resource mismanagement as the rationale for disbanding the committees, despite members being unpaid. Experts hope future appointments will prioritize merit over political affiliations. The CSRB’s critical role in analyzing significant cyber breaches underscores the need for effective cybersecurity strategies moving forward.

Cyberattack Hits Ukraine: Disruption of Train Ticket Sales Amidst Growing Digital Threats

Cyberattack Hits Ukraine: Disruption of Train Ticket Sales Amidst Growing Digital Threats

Bysupport

Ukrainian railway operator Ukrzaliznytsia faced a significant cyberattack that disrupted its online ticket sales, affecting both domestic and international transactions. Despite this, train operations remained stable and uninterrupted. Increased passenger traffic was reported at Kyiv’s central railway station, leading to long lines for ticket purchases. In response, Ukrzaliznytsia reassured travelers that train services were running smoothly and outlined alternatives for those unable to buy tickets online, including visiting ticket offices or boarding trains without tickets. This incident emphasizes the need for robust cybersecurity measures in critical infrastructure.

Texas Man Charged with Hacking: Activates 'Kill Switch' on Ex-Employer's Network, Faces Prison Time

Texas Man Charged with Hacking: Activates ‘Kill Switch’ on Ex-Employer’s Network, Faces Prison Time

Bysupport

Texas software developer Davis Lu, 55, has been convicted of intentionally damaging his former employer’s network, facing up to 10 years in prison. Following a 2018 corporate restructuring that reduced his access, Lu created a malicious “kill switch” to lock employees out of the system if his credentials were deactivated. This switch was activated upon his departure on September 9, 2019, causing widespread disruptions and estimated losses in the hundreds of thousands of dollars. His sentencing is set for June 23, highlighting the serious risks of insider threats in the tech industry and the need for robust cybersecurity measures.

Unlocking Secrets: Accessing Private GitHub Repos Through Copilot Despite Previous Exposure

Unveiling Hidden Gems: Accessing Private GitHub Repositories Through Copilot

Bysupport

Security researchers are highlighting risks linked to data exposure in generative AI chatbots like Microsoft Copilot. A cybersecurity firm, Lasso, uncovered that thousands of previously public GitHub repositories from major corporations, including Microsoft, remain accessible due to Bing’s indexing. This allows sensitive content to be retrievable via Copilot even after repositories are made private. Over 20,000 private repositories, impacting over 16,000 organizations, still have exposed data, including intellectual property and access tokens. Lasso has advised affected companies to revoke compromised keys. Microsoft has downplayed the issue, classifying it as “low severity,” yet the risk of data exposure persists.

OpenAI Reveals: Deleted Operator Data Could Be Stored for Up to 90 Days!

OpenAI Reveals: Deleted Operator Data Could Be Stored for Up to 90 Days!

Bysupport

OpenAI announced that its new AI tool, Operator, may retain chat logs and screenshots for up to 90 days, even if users delete them. This policy, which contrasts with ChatGPT’s 30-day retention, aims to address potential misuse of the technology and enhance user safety. Operator, available to $200-per-month ChatGPT Pro subscribers, automates tasks such as travel booking and online shopping using a built-in browser. While it captures screenshots to facilitate interactions, it avoids sensitive information like passwords. OpenAI emphasizes that access to this data is restricted to authorized personnel for abuse investigations and legal purposes.

Leave a Reply

Your email address will not be published. Required fields are marked *