- CCSD 89 Preschool
- Homepage
PowerSchool data breach
Community Consolidated School District 89 has been informed that we are one of the districts impacted by a data breach at PowerSchool, a company that our district uses to store student and staff information. During a webinar yesterday afternoon, PowerSchool provided the district with an initial understanding of the potential scope of the data breach that is affecting thousands of school districts.
PowerSchool has confirmed there was unauthorized access to CCSD 89 data fields that included current and past student information. A wide variety of student information is managed in PowerSchool including attendance, grades, addresses, phone numbers, email addresses, student supports, and some limited medical information. The district has been able to confirm that no current student’s social security number was accessed during this breach.
PowerSchool confirmed that the breach was in their system and not related to any district actions. PowerSchool said that on December 28, they realized there had been unauthorized access to their servers, and data fields from thousands of districts had been downloaded. PowerSchool indicated they have closed the loophole that was used to access data and they have reason to believe the data was not shared. PowerSchool said they are actively monitoring for any data leaks. The CCSD 89 technology team is monitoring the district’s records stored in PowerSchool.
Unfortunately, at this time, PowerSchool has only released limited information about the breach to the public and affected school districts. PowerSchool has indicated they will assist families and school districts impacted by this breach but they have not yet shared information on their next steps. The district’s technology team has contacted PowerSchool for further information and will continue to follow up on this issue.
These data breaches are frustrating and unsettling. CCSD 89 takes the security of all student, family, and staff data as seriously as the safety of our physical buildings. The district has implemented multiple processes that are designed to continually protect our data and systems, including:
-
Limited access to student data systems. Only staff members with a legitimate need to use staff or student data have access to those systems.
-
Cybersecurity best practices. The district follows industry best practices including strong password policies. The technology team is constantly monitoring for new threats and ensuring the district is in compliance with security requirements.
-
Phishing tests. The district regularly conducts phishing tests to help staff identify suspicious emails that are trying to steal sensitive information, including passwords.
CCSD 89 is working with PowerSchool to ensure no additional information was affected by the breach. The district will share any significant further developments by email.
Posted: January 9, 2025