PowerSchool, a cloud-based software vendor used by the St. Johns County School District in Florida and over 50 million students globally, recently experienced a cybersecurity incident. The breach involved unauthorized access to certain customer information within the PowerSchool Student Information System (SIS). While the incident itself did not occur at the St. Johns County School District, it affected the systems of PowerSchool, which serves schools worldwide. The district was testing the Student Information Systems product at the time of the incident.
The district takes the breach seriously and has been investigating the event to understand how it happened. St. Johns County School District is reviewing its ongoing relationship with PowerSchool and will seek assurances from the vendor to prevent future incidents. On February 4, 2025, the district began notifying affected staff members, parents, and guardians of students regarding the breach. The notification outlined the potential risks posed by the incident and shared the measures being taken to assist impacted individuals.
PowerSchool, in collaboration with Experian, is offering two years of complimentary identity protection and credit monitoring services for students and educators whose information was involved. Those impacted will receive email notifications from PowerSchool, including details about how to access the identity protection services.
The district has also provided a help phone line for those seeking assistance or further information about the breach.
In the meantime, the district encourages individuals to monitor their accounts and be cautious of suspicious communications. Best practices for protecting personal information, such as using strong passwords and enabling multi-factor authentication, were shared. Additionally, individuals can request a free copy of their credit report annually from the three major credit reporting agencies and consider placing a fraud alert on their credit reports as an extra precaution.
Reference: