Tornillo ISD, a small school district southeast of El Paso, reported this week that student and teacher information was caught up in the recent PowerSchool cybersecurity breach.
It is one of the thousands of U.S. schools that uses the company’s student information system (SIS) software. PowerSchool notified affected school districts via email early this month about the breach.
On Monday PowerSchool posted that it has begun notifying state attorneys general as required by law. The Texas Office of the Attorney General publishes data breach reporting, but this breach was not yet published on Tuesday.
The company became aware Dec. 28 that hackers had used a “compromised credential” to export sensitive student and teacher data from PowerSchool SIS. The system serves more than 45 million students in 15,000 schools and districts nationwide, as reported in Government Technology.*
The Tornillo school district website describes the incident, saying, “We know that data from the ‘Student’ and ‘Teacher’ tables were exported. Tornillo ISD may not be using all of the fields listed on these two websites. More detailed information will be provided as soon as it becomes available.”
The district has four schools and about 800 students, according to its website.
Texas schools using the SIS vary in size, and not all have been affected. For example, Dallas ISD, with more than 140,000 students, reported that its data wasn’t affected.
*Government Technology is Industry Insider — Texas' sister publication.
Tornillo ISD Among Schools Impacted by December Cyber Breach
PowerSchool, used in Texas public schools, has been notifying customers and state attorneys general about how a cyber attack affected student and school district data.
Shutterstock_deepadesigns
