The Brownsburg Community School Corporation has notified families of a security breach that puts student data at risk. The breach, linked to the PowerSchool SIS platform, has affected school districts nationwide, compromising the personal information of students and teachers, as FOX 59 reported.
A cyberattack on PowerSchool's customer support portal, PowerSource, has potentially exposed students' names, birth dates, contact information, and in some cases, social security numbers and medical details. Brownsburg schools have confirmed that social security numbers are not stored in their PowerSchool system. Live5News reports that while the breach primarily involved contact information, the impact could be more significant for some districts.
In response to the breach, PowerSchool assured the public that the compromise was quickly contained, operational disruptions were avoided, and measures to prevent further unauthorized access were implemented. Affected individuals have also been informed to help them remain vigilant against potential misuse of the compromised data. "Rest assured, we have taken all appropriate steps to prevent the data involved from further unauthorized access or misuse," PowerSchool said in a statement obtained by FOX59.
The breach was extensive, prompting PowerSchool to immediately engage CyberSteward, a company specializing in cyber incident negotiations. "With their guidance, PowerSchool has received reasonable assurances from the threat actor that the data has been deleted and that no additional copies exist," according to a cybersecurity incident report shared with customers and the Brownsburg Sentinel. Despite the breach, PowerSchool assures that operations continue as usual and remains committed to maintaining transparency with affected school districts.
Currently, no immediate action is required from students or families within the Brownsburg Community School Corporation, other than staying alert for future communications from PowerSchool. The school district is working with the FBI and PowerSchool to investigate the breach, and the Indiana Department of Education has notified the Indiana Office of Technology as required by state code, aiming to strengthen cyber defenses and prevent future incidents.
