PowerSchool Data Breach Exposes North Carolina Student and Staff Records

A cybersecurity breach occurred In December 2024 that affected more than 62.4 million current and former students and teachers, including 4 million people in North Carolina.

The breach hit PowerSchool, a software product used by schools, when hackers stole a contractor's login credentials. The hacker was able to gain access to data from Clinton City and Sampson County Schools in North Carolina, which included names, contact information, dates of birth, limited medical alert information, and social security numbers.

Attorney General Jeff Jackson is launching an investigation into PowerSchool to verify that they did not break any laws which led to the data breach. Jackson is concerned with holding businesses and organizations responsible for failing to protect citizens information properly.

“We found out that PowerSchool (contracted with Experian) is going to agree to pay two years of credit monitoring for any individuals who are now adults that were affected by their data branch,” Executive Director of Technology and Auxiliary Services John Lowe said in an interview with The Sampson Independent. “If they’re still minors, they will receive identity protection. The adults receive both credit monitoring and identity protection for two years at no cost. So we sent out notifications to parents and guardians that, that would be coming.”

No financial information was compromised. While PowerSchool notified current users, former students weren't informed about the breach.

PowerSchool is offering two years of identity protection services to students and teachers affected by the breach. They are also offering a credit monitoring service.