A hacker compromised the U.S. edtech giant PowerSchool months before its ‘massive’ data breach in December, according to a now-published forensic report into the incident conducted by U.S. cybersecurity firm CrowdStrike.
In a letter sent to affected customers last week, seen by TechCrunch, PowerSchool confirmed that an investigation into the incident has revealed that its network “experienced unauthorized activity prior to December,” which CrowdStrike dated back to at least August 2024.
PowerSchool previously said it detected unauthorized access to its systems between December 19 until it discovered the compromise on December 28, 2024.
In its report, CrowdStrike said that a hacker using the same compromised support credentials used in the December breach to access PowerSchool’s network between August 16, 2024, and September 17, 2024. The credentials were used to access PowerSchool PowerSource, the same customer support portal compromised in the December breach to gain access to PowerSchool’s company’s school information system (SIS).
PowerSource “allows a support technician with sufficient permissions to gain access to customer SIS database instances for maintenance purposes,” according to CrowdStrike.
CrowdStrike said it did not find “sufficient evidence to attribute this activity to the threat actor responsible for the activity in December 2024,” because PowerSchool’s log data “did not go back far enough.” However, CrowdStrike’s findings suggest that the December breach of PowerSchool breach could have been prevented if the compromised credentials were changed sooner.
When asked by TechCrunch on Monday, PowerSchool spokesperson Beth Keebler declined to say whether the company was aware of this earlier access to its network prior to the release of CrowdStrike’s report.
Many questions remain about the PowerSchool breach, such as the total number of individuals affected. PowerSchool has repeatedly declined to provide an accurate figure, though reports suggest that the personal information of more than 60 million students was accessed.
DeepSeek: Everything you need to know about the AI chatbot app
DeepSeek has gone viral. Chinese AI lab DeepSeek broke into the mainstream consciousness this week after its chatbot app rose to...
Automattic CEO Matt Mullenweg talks succession — ‘I don’t want to pass it to a committee’
Calls for WordPress co-founder and Automattic CEO Matt Mullenweg to step down from his leadership role have increased in recent...
2 days left to save up to $325 on Sessions: AI tickets
Time is ticking to get AI industry insights — and major savings. There are just two days left to save...
Alexa+ can read, summarize and recall lengthy documents
At Amazon’s annual Devices & Services event on Wednesday, the company introduced Alexa+, an enhanced version of its voice assistant,...
