Glenwood Community School District Data Breached In PowerSchool Cybersecurity Attack

Personal information belonging to Glenwood Community School District families and staff has been confirmed as being part of a cyberattack security breach at educational software company PowerSchool.
PowerSchool is a cloud-based software provider that provides thousands of K-12 schools nationwide with operation platforms ranging from enrollment, communication and attendance to staff management, learning systems, analytics and finance.
The company internally confirmed a cybersecurity breach incident internally in late December and notified clients Jan. 6. The “unknown threat actor,” according to the company’s release, gained access to the portal using “compromised credentials and stole data including personal information of students and school districts that use its student information system (SIS) platform.
The Glenwood Community School District was among the hundreds of districts impacted in the breach.
Shortly after being notified by PowerSchool, GCSD sent out an email to district families and staff making them aware of the breach and the potential personal data involved.
“This week, PowerSchool informed our leadership team that they experienced a cybersecurity incident involving unauthorized access to certain PowerSchool SIS customer data,” read the email. “This event encompasses thousands of schools worldwide, but unfortunately, they have confirmed that information belongs to some of Glenwood’s families and educators.”
The email went on to say the stolen data included personal identifiable information, such as social security numbers and medical information.
Glenwood Superintendent Nicole Kooiker said the investigation is ongoing so it’s unclear currently what personal information from Glenwood might have been accessed.
“It wasn’t a Glenwood hack, it was a PowerSchool hack so we’re working with them, and they’re being very cooperative, on figuring out if they really did Glenwood information and if they did, what information was it,” Kooiker said. “They have told us they think some of the data has already been deleted so we’re still not sure what information was actually taken.”
The data breach comes as the district has been receiving reports of a suspected scam phone call going out to district parents. The calls are allegedly demanding parents provide credit card information for $250 for non-existent ACT prep materials.
“I’m digging into that, and I am working with our technology director and I’m sure we’ll be putting out more information on that as we have it,” Kooiker said.
Kooiker was hesitant to connect the breach and the recent scam calls without conclusive evidence, but the coincidence does raise concerns.
“People definitely think they’re related so whether they are or not, we’re going to have to address it. I think it’s definitely possible they’re related. It’s a strange coincidence if it’s not.”
The district remains in contact with PowerSchool. They will also continue to get information out the public as it becomes available.
“It’s hard to get out information until you know what’s really accurate because you don’t want people to worry about what they don’t need to worry about,” Kooiker said. “We want to inform people what we know. We’re hoping to know more soon, whether that’s about the hack or this scam. We want people alerted.”
This isn’t Glenwood’s first brush with a cyberattack.
In July of 2019, what was believed to be Eastern European-based hackers punctured the GCSD network, took control of a server and stole data. The ransomware attack resulted in the district’s insurance company paying the hackers $10,000 for the return of the data.
That cyberattack compelled Glenwood to inprove its security efforts and harden its network firewall. No major breaches have occurred since.
“PowerSchool is facing the same demands from hackers,” she said. “I don’t know the threat actor or what the demand is, but we know it was an attack and they’re demanding something. This is unfortunately the whole new layer with how much we’re online now.”