PowerSchool Cybersecurity Incident

Emails are being sent as per the previous message to individuals from PowerSchool. The email will specify if you have any information compromised due to the event. Make sure to check your junk email for messages titled: "PowerSchool Cybersecurity Incident"

Dear PowerSchool SIS Customer,

Thank you for your continued patience and partnership as we address the recent cybersecurity incident. Over the last few weeks, we have been focused on assessing the scope of data involved, making further enhancements to our cybersecurity defenses, and developing a plan to help you and our shared community.

As a PowerSchool SIS customer whose information was involved, I am writing to provide you with updates on several important next steps:

Identity Protection and Credit Monitoring Services: PowerSchool has engaged Experian a trusted credit reporting agency, to offer complimentary identity protection and credit monitoring services to all students and educators whose information from your PowerSchool SIS was involved. This offer is being provided regardless of whether an individual’s Social Security number was exfiltrated.
Identity Protection: PowerSchool will be offering two years of complimentary identity protection services for all students and educators whose information was involved.
Credit Monitoring: PowerSchool will also be offering two years of complimentary credit monitoring services for all adult students and educators whose information was involved.
Notifications: Starting in the next few weeks, PowerSchool will be handling notifications to involved individuals and relevant state attorney general offices on your behalf. We hope to relieve the burden of these notifications on you and your institution. You may opt out if you would prefer to notify directly.

• Community: PowerSchool will coordinate with Experian to provide notice on your behalf to students (or their parents / guardians if the student is under 18) and educators, as applicable, whose information was involved, as well as a call center to answer questions from the community. The notice will include the identity protection and credit monitoring services offer (as applicable).
• Regulatory: PowerSchool will provide notification on your behalf to relevant state attorney general offices. You may also have notification requirements with your state’s Department of Education where required. Since many customers have already notified and are in close contact with their state’s Department of Education, PowerSchool will defer to you on these notifications.

In this link, you will find a fact sheet with additional details on these steps and the incident, a template that we intend to use to notify individuals whose information was involved, and a proposed communication that you may choose to share with families and educators to keep them informed on these steps. We are providing this communication package to technical contacts listed by your organization with PowerSchool. Please forward as appropriate to relevant leaders in your organization.

I sincerely value the trust you have placed in PowerSchool. We are committed to learning from this incident, becoming stronger and more resilient as a company for having experienced it – and most importantly – we are committed to serving you and our shared community.

We appreciate all that you are doing to support families and educators through this process.

Sincerely,
Hardeep Gulati
Chief Executive Officer, PowerSchool

Hello New Britain Families and Staff Members,

As you know, schools and school districts worldwide have been impacted by a PowerSchool cyber security breach. PowerSchool is a software vendor which provides our Student Information System (SIS). The breach occurred through PowerSchool's customer support portal, and was not unique to New Britain or originate from CSDNB in any way. 

On Tuesday, January 7, 2025, PowerSchool informed our leadership team that they experienced a cybersecurity incident involving unauthorized access to certain PowerSchool SIS customer data. Unfortunately, they have confirmed that the information belongs to some of CSDNB’s families and educators.

PowerSchool has informed us that the taken data primarily includes parent and student contact information with data elements such as name and address information. Across their customer base, they have determined that for a portion of individuals, some personally identifiable information (PII), such as social security numbers (SSN) and medical information, was impacted. They are working with urgency to complete their investigation and determine whether PII belonging to our students was included.

More information and resources, including credit monitoring or identity protection services if applicable, will be provided to you as it becomes available. Thank you for your patience and understanding.

In partnership, 
Tony Gasper, Ed.D.
Superintendent of Schools