San Diego Unified School District

SDUSD still investigating extent of PowerSchool data breach impacting students

PowerSchool detected the leak on Dec. 28.

San Diego Unified School District signage is seen on a Navistar International Corp. school bus at the San Diego Unified School District Transportation Department in San Diego, California, U.S., on Thursday, July 9, 2020. The U.S. economy is caught in the middle of President Trump’s tug-of-war to reopen schools — and could end up damned no matter what happens. Photographer: Bing Guan/Bloomberg via Getty Images
Getty Images

San Diego Unified School District signage is seen on a Navistar International Corp. school bus at the San Diego Unified School District Transportation Department in San Diego, California, U.S., on Thursday, July 9, 2020. The U.S. economy is caught in the middle of President Trump’s tug-of-war to reopen schools — and could end up damned no matter what happens. Photographer: Bing Guan/Bloomberg via Getty Images

The San Diego Unified School District Monday continued investigating the extent of a data breach by a third-party software company impacting students in the district.

The data breach was announced last week by PowerSchool, a student information system used by more than 70% of school districts across the country and serving more than 60 million students and teachers. The company detected the leak on Dec. 28.

The district — the second largest in California — sent emails to the families of its nearly 100,000 students that their children may have had information leaked.

According to W. Drew Rowlands, SDUSD's deputy superintendent of operations, the company informed the district the information taken was primarily contact information such as names, addresses and phone numbers. Highly sensitive information such as social security numbers and certain medical conditions — such as if the student wears glasses, has food allergies or asthma — may have also been stolen.

According to the district, it uses an information system provider called PowerSchool. The provider told the district it was the target of a cybersecurity incident discovered on Dec. 28 and that some student data was downloaded by an unauthorized user.

"No detailed medical information was impacted," Rowlands said. "PowerSchool is working with urgency to complete their investigation and determine whether [personally identifiable information] belonging to our students was included.

"If your student is one of those affected by the release of PII, you will be offered support from PowerSchool in the coming days, such as credit monitoring or identity protection services."

PowerSchool has hired a cybersecurity firm to determine the nature of the data breach, which happened on a national level. San Diego Unified is the only local district to have confirmed compromised data from the incident, but the full extent is not yet known.

Copyright City News Service
Contact Us