PowerSchool Cybersecurity Incident

While we were told PowerSchool became aware of this breach on December 28th, we weren’t informed until late afternoon on Tuesday, January 7th. This breach happened to districts they serve nationwide, including many in North Carolina. Since we were notified, we have been working to gather additional information and will continue to do so.

 

The incident is under investigation by PowerSchool, federal law enforcement, and NC Department of Public Instruction officials. PowerSchool reported that steps were taken to prevent the data from further misuse and the company believes the data has been deleted. According to PowerSchool, they believe the incident is contained and they do not anticipate the data being shared or made public. Law enforcement officials are monitoring to ensure the information has not been spread or shared.   

 

We have verified that no current or past student or staff member’s social security number was stored in the Mount Airy City Schools PowerSchool instance. 

 

At this time, we have limited information and await additional details from PowerSchool and guidance from state officials. We will communicate directly with parents, guardians, and employees as we learn more about how this breach affects you, your family, your data, and next steps.

NCDPI will work alongside PowerSchool, our districts, and schools to ensure that all required notifications are conducted. In the coming days, PowerSchool will provide affected customers with a communications package to support them in engaging with families, teachers, and other stakeholders about this incident. We will share these resources once we have them. 

We wanted to share this quote from NCDPI, “It is important to stress that there is nothing that NCDPI or any of our schools could have done to avoid this cybersecurity incident. Neither our schools nor DPI have administrative access to the maintenance tunnel where the breach occurred.”

Published