The school superintendents of Somerset and Worcester County public schools have informed parents of how their school systems were impacted by this week’s cybersecurity breach involving PowerSchool.
Here’s what we know so far, and what each superintendent had to say.
Worcester County superintendent shares info about data breach
In a message posted Friday afternoon on Facebook to the school community, Worcester Superintendent Lou Taylor wrote that PowerSchool, the software vendor that provides the school system’s Student Information System (SIS), had informed Worcester about the cybersecurity incident.
“On Jan. 7, 2025, PowerSchool notified WCPS that a cybersecurity incident occurred which involved the unauthorized access to certain PowerSchool SIS data,” Taylor shared in the Facebook post. “This was an attack on PowerSchool as a company and not directed at any one school district. Unfortunately, WCPS is one of the many school districts throughout the world which has been affected by this event. Through discussions with PowerSchool, the company acknowledged that there was no action WCPS could have taken to prevent the breach.”
New businesses in 2025: What businesses are coming in 2025? Here are 6 set to open in Salisbury, Ocean City, more
Taylor went on to explain what kind of data had been accessed in the incident.
“PowerSchool informed WCPS that the accessed data includes staff, parent, and student contact information and some personally identifiable information, such as social security numbers and medical information. PowerSchool has also advised WCPS that this incident is now contained, and we have been assured that there is no current and ongoing threat to our student and staff data. PowerSchool further advised that it has notified the FBI and hired a cybersecurity firm to assist in addressing the breach.”
Somerset school leaders discuss impact of cybersecurity incident
Somerset County Superintendent Ava Tasker-Mitchell and Director of Schools Tracie Bartemy also shared in a letter to the Somerset schools community that the school system was impacted by Tuesday’s PowerSchool cybersecurity incident.
“On Tuesday, Jan. 7, 2025, PowerSchool, the company that provides Somerset County Public Schools’ (SCPS) student information system (SIS), announced a cybersecurity incident affecting the SIS data of a number of their customers nationwide. Unfortunately, they have confirmed that SCPS’ data was impacted by the incident,” they wrote in the letter posted to Facebook.
Prep basketball games to watch: Games to Watch: Top basketball matchups to watch in the Bayside South in January
Somerset’s school leaders also shared what kind of data was impacted.
“The compromised data primarily includes student, family and staff contact information, like names and mailing addresses. Across their customer base, they have determined that for a portion of individuals, some personally identifiable information (PII), such as social security numbers (SSN), was impacted,” they wrote. “… PowerSchool has confirmed that the breached data file has been deleted and is no longer accessible.
“Through discussions with PowerSchool leadership, it was made clear there was no additional action SCPS could have taken to prevent the breach. PowerSchool said the incident was an attack on the company, not any particular school system.”
This article originally appeared on Salisbury Daily Times: Worcester, Somerset schools impacted by PowerSchool data breach