Update: January 24, 2025
We are providing an update on the recent cybersecurity incident with PowerSchool, our Student Information System vendor. As previously communicated, the Farmington Public Schools and many other school districts using PowerSchool were notified that district data was included in a breach.
At this time, what we know is the following:
- The event was a result of a compromised PowerSchool support contractor account.
- The perpetrator used support resources to access customer databases.
- The perpetrator specifically accessed the STUDENTS table and the TEACHERS table and accessed data primarily related to contact information.
- PowerSchool has provided a statement that the data has been secured and deleted, and they continue to monitor the situation.
As a reminder, Farmington Public Schools does not store social security numbers in PowerSchool.
PowerSchool has communicated that it intends to directly communicate with any individual impacted in the coming weeks and will be providing two years of credit monitoring services through Experian. According to the information provided, PowerSchool will not contact you by phone or email. The company has set up a website with frequently asked questions at https://www.powerschool.com/security/sis-incident.
We continue to closely monitor PowerSchool’s response. We take the privacy of student information very seriously and expect our vendors do the same.
—————-
January 8, 2025
We are writing to inform you of a cybersecurity incident involving PowerSchool, the vendor for our Student Information System (SIS).
Late Tuesday, January 7th, we were notified that on December 28, 2024, PowerSchool discovered unauthorized access to certain data through their customer support platform. According to PowerSchool, Farmington Public Schools data was included in the breach, and we later learned that many other school districts around the country and Canada were also included.
PowerSchool has assured us that the breach is contained, and the credentials that were compromised have been deactivated. PowerSchool informed customers that they engaged a firm to ensure that the data was not shared or made public, and they believe the data has been deleted and that no additional copies exist. This afternoon, PowerSchool executives held an informational webinar with customers to discuss the incident. It was emphasized that the only impacted system was the PowerSchool SIS, and not other PowerSchool products.
In the coming days, PowerSchool will provide further updates. We take the privacy and security of our students, faculty, staff, and families very seriously. It is important to note that Farmington Public Schools does not store Social Security Numbers or Health information within PowerSchool. We are closely monitoring PowerSchool’s response and holding them accountable to their commitments of transparency, privacy of information and security.
If you have any immediate concerns or questions, please do not hesitate to contact our Director of Finance and Operations, Matt Ross by email rossm@fpsct.org. We are committed to keeping you informed and will provide updates as we learn more.
Thank you for your patience and partnership.
