Actionable Steps to Secure Sensitive Data and Strengthen Cyber Defenses

School districts across the country are grappling with the implications of the PowerSchool breach that occurred in late December 2024. This breach compromised personal data, including names, Social Security numbers, medical information and grades, affecting many districts relying on PowerSchool’s platform.

If your district is one of the affected schools or simply uses PowerSchool as part of your IT infrastructure, you may be wondering what steps you should take next to protect your network and restore confidence in your systems. Here’s what you need to know, and more importantly, what actions you should consider now to safeguard your data and prevent further damage.

Understanding the Breach & Its Fallout

PowerSchool, a leading provider of K-12 educational technology, serves over 60 million students worldwide. The breach occurred between Dec. 19 and 28, 2024, when unauthorized individuals accessed PowerSchool’s support platform, PowerSource, through compromised credentials. While PowerSchool has assured the public that it has contained the breach and the data has been deleted, districts are left to deal with the potential fallout.

Though PowerSchool is a third-party service, and the breach didn’t directly affect your district’s network, the compromise of personal data—including Social Security numbers and academic records—raises concerns that cannot be ignored. The implications of this breach could affect your students, staff and families, especially when it comes to communication and response to the breach.

5 Steps to Take Now

While PowerSchool has deactivated the compromised accounts and reset passwords, you should not assume the issue is over. Here are some steps you should be taking to ensure your district remains secure:

  1. Disable Remote Maintenance in PowerSchool Console

To prevent further unauthorized access, district IT teams should immediately disable remote maintenance in the PowerSchool console. This will help prevent hackers from exploiting any remaining vulnerabilities. It’s important to review system logs to determine what data, if any, was exposed and to begin notifying affected individuals—including students, staff, and parents—as well as your cybersecurity insurer and state authorities. This step ensures transparency and adherence to privacy laws.

  1. Consider a Password Reset

Given the possibility that passwords for critical systems may have been compromised, it’s important to evaluate whether a password reset is necessary. This should include resetting passwords for accounts that have direct access to student and staff data, such as administrative portals, communication systems and any other sensitive databases. This reset process can be time-consuming, but it’s necessary to maintain security moving forward.

  1. Enable Multi-Factor Authentication (MFA)

Now is the time to implement stronger security measures to reduce the risk of future attacks. Enabling Multi-Factor Authentication (MFA) should be a top priority for your district. MFA adds an extra layer of security by requiring users to provide something beyond just a password, such as a code from an authentication app or a biometric scan. This significantly reduces the chance of unauthorized access, even if login credentials have been compromised.

In addition to enhancing security, implementing MFA also ensures compliance with rising regulations and cyber liability insurance requirements. Many insurance providers now require MFA as a standard for policy eligibility or renewal. Failure to adopt MFA could result in higher premiums or, worse, the denial of coverage.

  1. Run a Penetration Test

Breaches like this serve as a stark reminder that no system is completely immune to cyberattacks. Now is the ideal time to assess the overall health of your district’s network by conducting a Penetration Test. This test simulates an attack on your network to identify vulnerabilities before malicious actors can exploit them. A Penetration Test can uncover weaknesses that may not be immediately visible, allowing you to address them proactively.

Working with a trusted technology advisor can help you uncover gaps in your network security and provide actionable steps to mitigate them. At Adams Brown Technology Specialists, we offer Penetration Testing services that can identify vulnerabilities and help you shore up your defenses.

  1. Partner with a Technology Consultant

For districts unsure of the next steps or those lacking internal resources, it’s wise to consult with a technology advisor who can provide guidance. Technology consulting services can help you navigate complex cybersecurity landscapes and ensure that your district is taking the necessary steps to secure sensitive data.

Communicating with Stakeholders

It’s important to communicate openly and transparently with your students, staff and parents. The breach may have left many feeling concerned or even fearful about the security of their personal data. As a district, you should provide clear, actionable information about what occurred, the steps being taken to secure data moving forward, and any actions parents or staff need to take (such as monitoring for suspicious activity).

Prepare to answer common questions and offer reassurance that your district is doing everything possible to protect sensitive information.

Don’t Wait for the Next Breach

By acting now, you can improve the safety and privacy of your students, staff and families while reinforcing your district’s commitment to cybersecurity.

Contact Adams Brown Technology Specialists to discuss a game plan for your school district. We’re here to help you safeguard your district’s data and strengthen your overall network security.