page background

Powerschool Cybersecurity Incident

January 9, 2025

PowerschoolCybersecurity IncidentJanuary 9, 2025

Dear Families,


We were notified by our student information system vendor, PowerSchool, that we are one of many schools nationwide that may have had our data accessed during a cybersecurity breach on their systems. Yesterday afternoon, we participated in a call with PowerSchool to find out initial details about the breach and the next steps that PowerSchool is taking to respond to this incident. Since being notified of this breach, our team conducted an investigation and did confirm that our school records were accessed by this unauthorized party. Here are the details we have so far on this breach:


What happened?

According to PowerSchool, on December 28, 2024, a cybersecurity incident was discovered involving unauthorized access to PowerSchool SIS customer data through a compromised credential in their internal support portal. PowerSchool immediately launched an investigation and notified law enforcement, restricted access to affected systems, and engaged CyberSteward, a cyberattack response team for assistance in negotiating with the threat actors. With their guidance, PowerSchool states they have received "reasonable assurances from the threat actor that the data has been deleted and no additional copies exist."


What data was accessed?

PowerSchool has provided us with initial reports of what data could have been potentially accessed including student and staff names, addresses, date of birth, parent names, academic records, lunch status, phone numbers and other demographic information. A subset of our student population also has information related to medical alerts such as potential allergies that may have been accessed.


What happens next?

In the coming days, we expect PowerSchool to release more information regarding this incident including a comprehensive FAQ for families and a detailed incident report of this event. The MaST Schools team is dedicated to safeguarding our students, families and staff data and will share more information as we receive it from PowerSchool. Out of an abundance of caution, MaST Schools has also engaged our cyber insurance provider to make them aware of this incident despite this occurring on PowerSchool systems.


We will keep you updated with any new information that surfaces as this incident has been made public on a national level across many school districts.


Thank you,


John F. Swoyer III

Chief Executive Officer

MaST Schools Network

MaST Schools