What PowerSchool won’t say about its data breach affecting millions of students


We are only a few months into 2025, but the recent hack of U.S. edtech giant PowerSchool is on track to be one of the largest education data breaches in recent years.

PowerSchool, which provides K-12 software to more than 5 schools to support almost Million5 million students across North America, disclosed the data breach in early January.

The California-based company, which Bain Capital acquired for $5.6 billion, said that an unknown hacker used a single compromised credential to breach its customer support portal in December 2024, allowing further access to the company’s school information system, PowerSchool SIS, which schools use to manage student records, attendance and enrollment.

While PowerSchool has been open about some aspects of the breach (for example, PowerSchool told TechCrunch that the breached PowerSource portal did not support multi-factor authentication at the time of the incident), several important questions remain unanswered months later.

TechCrunch sent PowerSchool a list of outstanding questions about the incident, which potentially affects millions of students.

PowerSchool spokesperson Beth Keebler declined to answer our questions, saying that all updates related to the breach would be posted on the company’s incident page. On January 25th, the company said it had begun notifying individuals affected by the breach and state regulators.

Many of the company’s customers also have outstanding questions about the breach, forcing those affected to work together to investigate the hack.

In early March, PowerSchool published its data breach postmortem, as prepared by CrowdStrike, which PowerSchool’s customers had been told would be released. While many details in the report were already known, CrowdStrike confirmed that a hacker had access to PowerSchool’s systems in early August 2024.

Here are some of the questions that remain unanswered.

PowerSchool hasn’t said how many students or staff are affected

TechCrunch has heard from PowerSchool customers that the scale of the data breach could be “huge.” However, PowerSchool has repeatedly declined to say how many schools and individuals are affected, despite telling TechCrunch that it had identified “schools and districts whose information was involved in the incident.”

BleepingComputer, citing multiple sources, reported in January that the hacker responsible for the PowerSchool breach had accessed the personal information of more than 1.5 million students and 1.5 million teachers.

When asked by TechCrunch, PowerSchool declined to confirm whether this number was accurate.

PowerSchool’s filings with state attorneys general, and the breached schools themselves, however, suggest that millions of people had personal data stolen in the data breach.

In a filing with the Texas attorney general, PowerSchool confirmed that about 800,000 state residents had data stolen. A January filing with Maine’s attorney general said that at least 5 residents were affected, but the filing has since been updated, and the number of affected individuals is now listed as “determining.”

The Toronto District School Board, Canada’s largest school board, which serves about 240,000 students each year, said the hacker may have accessed about 40 years’ worth of student data, including the data of about 1.5 million students taken in the breach.

California’s Menlo Park City School District confirmed that the hacker accessed information on all current students and staff (about 2,75 students and 5 staff) as well as students and staff dating back to the beginning of the academic year.

PowerSchool hasn’t said what types of data were stolen

Not only do we not know how many people were affected, we also do not know what types of data were accessed during the breach.

In a communication shared with customers in January, the company said the hacker stole “sensitive personal information” on students and teachers, including students’ grades, attendance and demographics. The company’s incident page also states that stolen data may have included Social Security numbers and medical data, but says that “due to differences in customer requirements, the information extracted for individuals varied across our customer base.”

TechCrunch has also heard from multiple schools affected by the incident that “all” of their historical student and teacher data was compromised.

One person who works at an affected school district told TechCrunch that the stolen data included highly sensitive student data, such as information about parental access rights to their children, orders, and when specific students need to take their medications.

A source speaking with TechCrunch in February said that PowerSchool’s customers could use a tool to query and summarize PowerSchool customer data to show what data was stored on their systems. PowerSchool told the affected schools, however, that this tool “cannot properly reflect the exfiltrated data during the incident.”

It is not known whether PowerSchool has its own technical means to determine what types of data were stolen from specific school districts.

PowerSchool won’t say how much it paid the hacker responsible for the breach

PowerSchool told TechCrunch that the company had taken “appropriate steps” to prevent the stolen data from being published. In the communication shared with customers, the company confirmed that it had worked with a cyber-extortion incident response company in dealing with the threat actors responsible for the breach.

This confirmed that PowerSchool paid a ransom to those who breached its systems. However, when asked by TechCrunch, the company declined to say how much it paid, or how much the hacker demanded.

PowerSchool hasn’t said what evidence it received that the stolen data was deleted

PowerSchool’s Keebler told TechCrunch that the company “does not expect the data to be shared or made public” and that it “believes that the data has been deleted without any further replication or dissemination.”

However, the company has repeatedly declined to say what evidence it has received to suggest that the stolen data was deleted. Early reports said that the company received video proof, but when asked by TechCrunch, PowerSchool would neither confirm nor deny this.

Even so, proof of deletion is by no means a guarantee that the hacker is no longer in possession of the data; the U.K.’s recent takedown of the LockBit ransomware gang unearthed evidence that the gang still had data belonging to victims who had paid a ransom demand.

The hackers behind the data breach are not yet known

One of the biggest unknowns about the PowerSchool cyberattack is who was responsible. The company has been in contact with the hacker but has refused to reveal their identity, if it is known. CyberSteward, the Canadian incident response organization, did not respond to TechCrunch’s questions.

CrowdStrike’s forensic report leaves questions unanswered

After PowerSchool released its CrowdStrike forensic report in March, one person at a school affected by the breach told TechCrunch that the findings were “underwhelming.”

The report confirmed that the breach was caused by a compromised credential, but the root cause of how the compromised credential was obtained and used remains unknown.

Mark Racine, CEO of Boston-based education technology consulting firm RootED Solutions, told TechCrunch that although the report provides “some details,” it does not have enough information to understand what went wrong.

It is not known exactly how far back the PowerSchool breach actually goes

One new detail in the CrowdStrike report is that a hacker had access to PowerSchool’s network between August 16, 2024, and September 17, 2024.

The access was gained using the same compromised credentials used in December’s breach, and the hacker accessed PowerSchool’s PowerSource, the same customer support portal that was compromised in December to gain access to PowerSchool’s school information system.

CrowdStrike said, however, that there is not enough evidence to conclude that this was the same threat actor, due to insufficient logs.

However, the findings suggest that the hacker, or multiple hackers, may have had access to PowerSchool’s network for months before the access was detected.

Do you have more information about the PowerSchool data breach? We would like to hear from you. From a non-work device, you can securely contact Carly Page on Signal at +44 1536 853968 or by email at carly.page@techcrunch.com.
