Walker County Schools in Georgia has been affected by a cybersecurity incident involving PowerSchool, the company that provides the district’s student information system. The breach was discovered on December 28, 2024, when an unauthorized party gained access to the PowerSource customer support portal used by PowerSchool. This incident exposed information related to families and educators within the school district, but PowerSchool confirmed that no malware or continued unauthorized access was found. The breach was contained to the PowerSource portal, and no other products from PowerSchool were impacted.
PowerSchool quickly activated its cybersecurity response protocols, involving senior leadership and third-party cybersecurity experts. The company also notified law enforcement about the incident. In addition to isolating the access point, PowerSchool took immediate steps to secure the portal, including deactivating the compromised credentials, conducting a full password reset, and tightening password and access control for all customer support portal accounts. PowerSchool assured that no operational disruptions occurred, and services continued without interruption.
PowerSchool emphasized that the exposed data would not be shared publicly and that steps were taken to prevent further unauthorized access. Although no misuse of the data is expected, the company is offering credit monitoring services for affected adults and identity protection for minors as part of its regulatory and contractual obligations. Affected individuals will be notified as the company works through the notification process, and PowerSchool is committed to ensuring that the data involved is properly secured.
In response to the breach, PowerSchool is providing Walker County Schools with a communications package to help manage the situation with their community. This package will include outreach emails, talking points, and a detailed FAQ to guide school leadership in communicating with families, educators, and other stakeholders. PowerSchool is also hosting webinars with senior leaders, including its Chief Information Security Officer, to address additional concerns and offer support as needed.
Reference:
