KNOXVILLE, Tenn. (WVLT) – Two East Tennessee school systems are reporting that they were affected by an international data breach connected to PowerSchool.
PowerSchool, a software provider that allows students, staff and parents to access online grades and other information, said that it realized there was a breach on Dec. 28. In East Tennessee, both Scott County Schools and Hamblen County Schools have acknowledged the breach.
As for what was taken, PowerSchool said both student and employee data was affected. That information included things like:
- Names
- Contact information
- Date of birth
- Medical alert information
- Social Security Numbers
Scott County’s director of schools, Bill Hall, said the district was taking its own steps to protect data going forward, while also putting the responsibility on PowerSchool itself.
“Since being made aware of this event, our technology department has devoted much time and effort researching the causes of the security breach, which are the sole responsibility of PowerSchool and could not have been prevented by Scott County or any other school system using PowerSchool software,“ Hall said. ”They are also in communication with the state department of education and other parties who have been affected by and are responding to issues and concerns caused by the breach.”
These steps are on top of what PowerSchool is doing. The company said it would be providing anyone affected with two years of credit monitoring from Experian. Staff and parents can expect emails with details.
There’s more information here.
Bill Hall’s full statement:
This is to advise you of a recent cybersecurity incident involving PowerSchool, a software vendor which provides Scott County’s Student Information System (SIS).
On Tuesday, January 7, 2025, PowerSchool informed us that they experienced a cybersecurity breach which allowed unauthorized access to SIS customer data, including personal identifiable information such as social security numbers of students and teachers. Unfortunately, we have been able to confirm that Scott County was one of the systems whose information was accessed along with several other school systems nationwide and in Canada. You will likely hear news reports of this incident because of its vast scope and impact on most if not all PowerSchool customers.
Since being made aware of this event, our technology department has devoted much time and effort researching the causes of the security breach, which are the sole responsibility of PowerSchool and could not have been prevented by Scott County or any other school system using PowerSchool software. They are also in communication with the state department of education and other parties who have been affected by and are responding to issues and concerns caused by the breach.
Although PowerSchool has advised the school systems affected that it has taken sufficient measures to contain the breach, we are taking proactive steps, to the extent that we can, to prevent another similar event from happening in the future, including the assignment of personal identification numbers for our students instead of social security numbers.
In response to this breach, PowerSchool has offered credit monitoring and identity protection services but currently, we have no specific information as to how they plan to implement such services. We will provide this information as it becomes available to us as well as any other developments related to the breach.
Copyright 2025 WVLT. All rights reserved.