Bozeman, MT – January 9, 2025 – A cybersecurity incident involving PowerSchool, the widely used Student Information System (SIS), has resulted in a data breach affecting Bozeman Public Schools and numerous other educational institutions across the United States and Canada. This Bozeman Public Schools data breach, first reported on January 7th, stems from an incident that occurred on December 28th, 2024.
The PowerSchool Data Breach: Details of the Compromise
The breach originated from a compromised credential within PowerSchool’s support portal, granting unauthorized access to sensitive data. The compromised information includes details pertaining to students, families, and educators within the Bozeman Public Schools district.
Specifically, the compromised data encompasses student contact information, mailing addresses, enrollment status, and lunch program participation. Furthermore, teacher data, including employment status and work assignments, was also affected by this PowerSchool data breach.
The scale of the Bozeman Public Schools data breach is significant, impacting a substantial amount of personal information. The precise extent of the data compromised is still under investigation, with Bozeman Public Schools working closely with PowerSchool to fully assess the situation.
PowerSchool reacted swiftly to the incident, immediately activating its cybersecurity response team. Law enforcement was notified, and a third-party cybersecurity firm was engaged to assist in the investigation and remediation efforts. The compromised credential has been deactivated, and access to the affected portal has been restricted. A comprehensive third-party incident report is anticipated by January 17th.
PowerSchool has confirmed the complete deletion of the accessed data from the source of the breach, providing video evidence to support this claim. They are actively monitoring the dark web for any signs of data misuse.
Bozeman Public Schools has implemented its established data breach protocol, collaborating closely with PowerSchool to identify the specific data fields affected. The district has also engaged its cybersecurity insurance company to leverage additional expertise and guidance in evaluating the impact on students, staff, and families.
The district has pledged its commitment to data security and will provide ongoing updates as more information becomes available from PowerSchool. Credit monitoring services will be offered to affected adults, and identity protection measures will be provided to impacted minors. This proactive approach aims to mitigate potential risks and support those affected by the Bozeman Public Schools data breach.
