During the second week of January, Westfield Academy and Central School District was alerted of a cybersecurity breach involving PowerSchool, a software vendor that manages data for Student Information Systems.

Technology Coordinator and Chief Privacy Officer for WACS, Can Tenamore, told district officials the cybersecurity breach, which affected tens of millions of students and teachers, did not involve Westfield. “Westfield Academy and Central School has not been identified by PowerSchool as being impacted by this breach,” he said. “However, we remain vigilant in safeguarding our systems and the information entrusted to us.”

According to their website, “PowerSchool is committed to being a good custodian of student data, taking all reasonable and appropriate countermeasures to ensure data confidentiality, integrity, and availability.”

Nevertheless, according to Education Week, on Dec. 28, PowerSchool’s PowerSource customer support portal was accessed using compromised credentials, exposing the personal information of millions of students and teachers.

Westfield Superintendent Michael Cipolla addressed the Board of Education about the PowerSchool data breach at their meeting on Jan. 13. “There was a breach and information was compromised,” he said. “Fortunately, WACS was not one of the schools that was compromised.”

Cipolla went on to say Tenamore is watchful in safeguarding all data entrusted to the district, and he works diligently to keep personal information secure. “Can is going to attend a virtual conference to make sure our district is safe,” he added.

Cipolla went on to say school districts need to maintain constant vigilance regarding information. “This incident magnifies the critical importance of having consistent processes in place to evaluate where sensitive information is being stored, how it is being accessed, and how often it is reviewed for vulnerabilities.”

On Sunday, January 19, the Daily Tar Heel, as well as other newspapers in affected communities, reported that the breach occurred on Dec. 19, but PowerSchool did not discover the incident until Dec. 28 and reported it over a week later on Jan. 7.

TechCrunch also reported that “A cyberattack and data breach at U.S. edtech giant PowerSchool that was discovered December 28 threatens to expose the private data of tens of millions of schoolchildren and teachers.”

PowerSchool’s website says its school records software is used by 18,000 schools to support more than 60 million students across North America. In a communication shared with its customers last week, PowerSchool confirmed the unnamed hackers stole “sensitive personal information” on students and teachers, including some students’ Social Security numbers, grades, demographics, and medical information.