Hackers compromised sensitive data of millions from PowerSchool, affecting students and families across the U.S.
California: So, there’s been a big data breach at PowerSchool, the education software company. They’ve confirmed that hackers got their hands on sensitive info for millions of kids and adults.
This all went down back in December, but it’s just coming to light now. The hackers accessed student addresses, Social Security numbers, grades, and even medical info. Schools use PowerSchool for keeping track of student records and attendance.
It’s not just students who are affected; the names, phone numbers, and emails of parents and guardians might also be compromised. The hackers used a stolen login to break into the customer support portal. PowerSchool serves around 16,000 customers and is used by over 50 million students in North America.
This incident is part of a worrying trend. Cybercrimes are on the rise, with the FBI reporting nearly 900,000 complaints last year. That’s a 10% jump from the previous year and almost double what was reported in 2019. The financial losses from these crimes are staggering, estimated at $37.4 billion since 2019.
PowerSchool was even extorted to pay a ransom to keep the stolen data from leaking, though they haven’t disclosed how much. It’s a classic case of how cybercriminals operate these days.
Rob Scott, a tech law expert, pointed out that using legitimate credentials to access systems is more common than you might think. People often picture hackers using fancy software, but many breaches come from accounts bought on the Dark Web or from employee mistakes like poor password management.
This wasn’t a ransomware attack, which is when hackers lock you out of your data. There were over 2,800 ransomware incidents last year, mainly targeting healthcare and government sectors. But most cybercrimes are driven by money.
As these breaches become more frequent, it’s likely that your data has been compromised at some point. Kiran Chinnagangannagari, a cybersecurity expert, mentioned that the internet is now a data-hungry place, especially with the rise of AI systems.
While some states have laws to protect consumer data, experts feel these laws don’t do much to help. They often put the burden on companies to inform consumers after a breach, which can be tough for a company that’s already been victimized.
Chinnagangannagari believes laws that promote better data protection practices are more effective. For instance, HIPAA has strict rules for healthcare data, and California’s privacy laws include guidelines on data collection.
Even though it feels overwhelming, there are steps you can take to protect yourself. Be careful about where you share your info, read the terms of service for apps, and don’t reuse passwords. Using multi-factor authentication is a smart move, too.
There are also services that can alert you if your data has been part of a breach. It might feel like a lot, but staying vigilant and monitoring your accounts for unusual activity can help you navigate this new reality.
Chinnagangannagari reminds us that this is a different world than what we grew up in, and we need to adapt to it.
