Hackers Infiltrated PowerSchool Network Well Before December Attack

It has been announced that the CrowdStrike investigation into PowerSchool’s large-scale data breach that took place in December 2024 has been published. It was determined during the investigation that unauthorized access to the company’s systems occurred four months prior, beginning in August and continuing in September, with the initial breach taking place in August and September. With more than 60 million students and 18,000 customers worldwide, PowerSchool is the world’s leading cloud-based software provider for K-12 education. 

Among the many services PowerSchool offers are enrollment management, communication tools, attendance tracking, staff administration, learning solutions, analytics, and financial management, among others. PowerSchool disclosed in December of an unauthorized access to its customer support portal, PowerSource, which had been compromised by threat actors.
It was discovered in this portal that there was a remote maintenance tool that was used by attackers to connect with customer databases. As a result of this vulnerability, sensitive information such as full name, physical address, contact information, Social Security number (SSN), medical records, and academic grades could have been accessed. 

According to CrowdStrike’s investigation findings, there was an extensive amount of information about the security incident that gave further insight into the timeline and scope, emphasizing the need for enhanced cybersecurit

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.