A company tracking the personal data of millions of US children has reportedly not taken basic security precautions.
NBC News reports that CrowdStrike, a cybersecurity company, conducted an investigation and found out PowerSchool – which runs a popular Student Information System (SIS), was compromised in the largest hack in American history against K-12 students.
PowerSchool’s SIS (School Information System) software allows schools to track student attendance, grades and addresses, as well as very detailed personal data like Social Security Numbers or medical history.
A vulnerability found in PowerSource, a customer-focused portal that is geared towards the community, led to an “incident”.
PowerSchool reported that names, contact details, dates of birthday, medical alerts, Social Security Numbers, and other “related information” were compromised for “current and past students and educators”. No evidence was found that the information of its customers, including their credit or debit card numbers, was affected.
CrowdStrike was hired to investigate this incident by PowerSchool. They reported that the hacker had simply obtained a password from a PowerSchool employee and used the “Maintenance Access Function” to download student information.
BleepingComputer reports that while the exact number is still unknown, 62,000,000 students are likely to have been affected.
Beth Keebler is a spokesperson for PowerSchool.
PowerSchool’s cybersecurity program has seen significant investment over the past few years. This has been an area that the company has focused on and will continue to do so.
Students and teachers whose data was compromised will also receive two complimentary years of identity protection.
Join us at X@InvCryptoDaily to never miss a beat.
Sources of Images include Pixabay Creative Commons & Midjourney
The post Tens Of Millions Of American Schoolchildren’s Personal Data Exposed In Largest Breach To Date: Report is subject to change as new information becomes available.
