Farmington Municipal Schools families and staff were emailed about a PowerSchool cybersecurity breach on Jan. 10.
The breach occurred Tuesday, Jan. 7, according to the email, and the district was notified by the company that day.
PowerSchool provides the district with the Student Information System, and the breach compromised data primarily involved with some families and staff.
“The compromised data primarily includes parent and student contact details, such as names and addresses,” the district said. “Additionally, for some individuals across PowerSchool’s customer base, sensitive personal information, like Social Security numbers (SSNs) and medical details, may have been accessed.”
According to the email, the company is addressing the issue and will provide those affected with additional resources.
The district said in the email that updates will be shared when they are available.
FMS responded to requests made by the Tri-City Record with a statement.
“FMS is extremely concerned with this security breach and is communicating with PowerSchool to understand the full extent of the incident and what they’ll do to prevent it from happening again in the future,” the district said. “FMS is committed to keeping our families informed and will continue to share updates as we learn more.”
The Central Consolidated School District also might have been affected, according to public relations supervisor Jerrod Noble.
“Central Consolidated School District is working closely with PowerSchool to determine the full extent of the impact on our school community,” the district said in a news release.” PowerSchool has investigated the incident and will provide Central Consolidated School District with further information and resources, including potential credit monitoring or identity protection services if applicable.”
A PowerSchool spokesperson, responding to the Tri-City Record via email, said the company was made aware of a potential cybersecurity incident that occurred through one of the community-focused customer portals, PowerSource, on Dec. 28.
“As soon as we learned of the incident, we immediately engaged our cybersecurity response protocols and mobilized a cross-functional response team, including senior leadership and third-party cybersecurity experts,” the spokesperson said.
Because of the ongoing investigation, PowerSchool did not respond to the number of districts and schools that have been affected.
“We are in communication with those customers directly and are supporting them through next steps,” they said.
Lynch Carpenter, a national class-action law firm, announced an investigation of claims made against PowerSchool related to the breach.
“If you received a data breach notification from PowerSchool, or your child’s school or school district, you may be entitled to compensation,” a news release from Lynch Carpenter said.
