January 17, 2025 | Policy Brief
PowerSchool Breach Highlights Growing Cybersecurity Risks in America’s Schools
January 17, 2025 | Policy Brief
PowerSchool Breach Highlights Growing Cybersecurity Risks in America’s Schools
PowerSchool, a cloud-based software provider for K-12 schools, confirmed on January 7 that hackers breached its systems late last year, affecting thousands of school districts across the United States and globally. PowerSchool admitted on January 15 that the unnamed hackers accessed all of its 60 million student and teacher records, underscoring the urgent need to integrate cybersecurity into school infrastructure protection strategies and adopt stronger measures to mitigate cyber threats.
Hackers Stole Student Social Security Numbers
PowerSchool helps schools manage information and communication needs, using the platform to manage grades, attendance, and other student records. Hackers breached the platform using compromised credentials available on the dark web, pilfering student names and addresses, and, in some cases, Social Security numbers and medical records. Press reports indicate PowerSchool paid a ransom to the attackers in exchange for assurances that they would delete the stolen data.
Hackers Increasingly Target Schools for Sensitive Data
The PowerSchool data breach illustrates a growing trend in cyberattacks, which have shifted from traditional ransomware attacks to ones paired with data theft extortion. Instead of encrypting systems and demanding payment for their release, hackers now engage in dual extortion, stealing the sensitive information — instead of or in addition to encrypting it — and threatening its exposure to pressure victims into paying a ransom.
Meanwhile, American school districts are increasingly exploited by criminal hackers looking for easy targets. From January 2023 to June 2024, at least 83 cyberattacks targeted U.S. K-12 schools. While the number of reported ransomware cases dropped between 2023 and 2024, the true number of incidents is likely higher. Since October 2024, victims have reported at least another 85 additional incidents, reflecting an alarming trend.
Initial Efforts to Improve Cybersecurity Need a Jumpstart
Over the past two years, the Biden administration has attempted to focus efforts on the cybersecurity of schools, organizing a “Cybersecurity Summit for K-12 Schools” in August 2023 that featured initiatives by technology companies to provide free and low-cost cybersecurity tools and services. PowerSchool itself partnered with the Cybersecurity and Infrastructure Security Agency to offer free and subsidized cybersecurity training and resources to K-12 schools.
Meanwhile, late last year, the Federal Communications Commission launched a pilot program to provide $200 million to schools and libraries to purchase cybersecurity products. Building on this momentum, the White House Office of the National Cyber Director announced in December 2024 that thanks to federal funding, all K-12 public schools in Rhode Island will implement a cybersecurity service designed to block harmful websites and protect student data.
Steps Toward Safer School Systems
While these efforts mark progress, a more comprehensive strategy is needed to address the scale and complexity of cyber threats facing K-12 institutions. Specifically, the federal government should incorporate cybersecurity as a critical element of its school infrastructure protection strategy. The White House Toolkit for Sustainable and Healthy Schools, published in April 2024, promotes creating safe and sustainable learning environments but overlooks the need to safeguard sensitive data from cyber threats.
The Trump administration should expand this initiative by helping school administrators implement continuous cybersecurity training and awareness for faculty and staff as the first line of defense against cyber threats. In addition, the federal government should establish mandatory standards for third-party vendors, requiring regular audits and compliance checks so that schools can reliably use technology to improve learning without introducing new avenues for cyber threats.
Jiwon Ma is a senior policy analyst at the Center on Cyber and Technology Innovation (CCTI) at the Foundation for Defense of Democracies (FDD), where Maria Riofrio is an intern. For more analysis from the authors and CCTI, please subscribe HERE. Follow Jiwon on X @jiwonma_92. Follow FDD on X @FDD and @FDD_CCTI. FDD is a Washington, DC-based, nonpartisan research institute focused on national security and foreign policy.