PowerSchool breach may impact Districts 55, 56

Laurens County, South Carolina – An international cybersecurity data breach has impacted a portion

of PowerSchool’s customers, including Districts 55 and 56 in Laurens County. On Thursday, the information had been posted to District 56’s website and District 55 sent a letter to its families and staff.

The South Carolina Department of Education press release on Wednesday explained that the SCDE was alerted to the breach late on Tuesday, and on Thursday it was reported that its state officials in Columbia are remaining in close communication with the districts to determine if, and what, impacts the breach may have caused.

The security breach affected all but four districts in South Carolina, SCDE said on Thursday, and those include Edgefield County, Greenville County, Horry County and Richland School District Two.

During a meeting with PowerSchool’s senior leadership, they confirmed that personally identifiable information (PII) was compromised. With almost every South Carolina district affected, the SCDE is currently working to understand the full scope of the breach. PowerSchool has stated that the breach has been contained and the company has taken steps to secure its systems, engage cybersecurity experts, and is also coordinating with law enforcement to address the breach.

Commenting on the seriousness of this incident, State Superintendent of Education Ellen Weaver said, “The protection of our South Carolina students’ and educators’ personal data is non-negotiable. We fully recognize the anxiety this raises for them and their families.”

She continued, “While PowerSchool has taken accountability for this breach, our Department will take uncompromising action to ensure we uncover the complete extent of this incident.  We will insist that PowerSchool not only notify affected individuals but also provide them with credit and identity monitoring services.”

The SCDE will continue to engage and support districts and schools throughout this process as more information becomes available.

The SCDE said it will remain in close communication with districts on what steps should be taken to mitigate the damage to students and teachers.
Currently, a number of districts are working with the South Carolina District Data Governance Group (DDGG) to determine if data was extracted as a result of the unauthorized access, and will continue to work with all impacted districts to assist them in making this determination.

See full press releases at the South Carolina Department of Education website, https://ed.sc.gov/.