Powerschool Cybersecurity Incident Updates

PowerSchool Data Breach Communications



Incident Update - May 5, 2025

Incident Update - February 21, 2025
Incident Update - February 6, 2025
Incident Update - January 30, 2025
Incident Update - January 13, 2025

Notice of Incident - January 8, 2025


Notification and Safeguards

Example of PowerSchool Email

Steps You Can Take To Help Protect Personal Information


Frequently Asked Questions (FAQ)

The PowerSchool email and the services offered
I received an email that claims to be from PowerSchool. Is it legitimate?

We understand PowerSchool has sent emails to students, parents/guardians, and educators whose information was involved in the incident. We understand from PowerSchool the email was or will be sent from one of the following similar email addresses:
[email protected]
[email protected]
[email protected] If you receive or have received an email from any one of these email addresses with the subject line “PowerSchool Cybersecurity Incident”, we have been assured by PowerSchool that it is a legitimate email.

Whether or not you received the email from PowerSchool, you may also visit PowerSchool’s website to learn how to activate the identity protection and/or credit monitoring services. The PowerSchool website also includes information in French.

I have a question about how to sign up for the identity protection and/or credit monitoring services offered by PowerSchool.

PowerSchool has advised that you can call 1-833-918-7884 if you have any questions.

For those able to utilize credit monitoring services (anyone age 18 and over), you will be prompted to validate before activating by entering your name and date of birth. Anyone, including those under 18, can utilize the identity protection services. We encourage you to sign up for the services offered by PowerSchool.

The incident
What happened? 

PowerSchool informed Red River Valley School Division that it had experienced a cybersecurity incident involving unauthorized access to and exfiltration (acquisition) of certain customer information between around December 19 and December 28, 2024. Red River Valley School Division is a customer of PowerSchool, like many other educational institutions across North America. PowerSchool provides a Student Information System (SIS) used by Red River Valley School Division and thus we were informed by PowerSchool that information stored by Red River Valley School Division in our SIS was involved in the incident.  

We understand PowerSchool has sent emails to students, parents/guardians, and educators whose information was involved in the incident. We understand from PowerSchool the email was or will be sent from one of the following similar email addresses: [email protected]; [email protected]; or [email protected].

Whether or not you receive an email, you may also visit PowerSchool’s website to learn how to activate the identity protection and/or credit monitoring services being offered. The PowerSchool website also includes information in French. For those able to utilize credit monitoring services (anyone age 18 and over), you will be prompted to validate before activating by entering your name and date of birth. Anyone, including those under 18, can utilize the identity protection services. PowerSchool has advised that you can call 833-918-7884 if you have any questions.

We have been informed that PowerSchool has contained the incident and that there is no evidence of malware or continued unauthorized activity in the PowerSchool environment. There have been no operational impacts on the Red River Valley School Division as a result of this incident.
Who did this and for what purpose?

This incident occurred at PowerSchool. Unfortunately, organizations across the public and private sectors are increasingly being impacted by incidents like this.
 How did you respond to the incident? 

When we learned of the incident, we conducted an investigation with the assistance of experts and worked diligently to request more details from PowerSchool. We have been assured by PowerSchool that the incident has been contained. We took steps to confirm there was no ongoing threat and to reduce the risk of a similar future threat, including by confirming that PowerSchool: engaged its cybersecurity response protocols, engaged a cybersecurity expert to conduct a forensic investigation, deactivated a compromised account, conducted a full password reset, initiated enhanced processes for access, further strengthened password policies and controls, and notified law enforcement. PowerSchool has also advised that it has taken steps to prevent the information involved from further unauthorized access or misuse, that it does not anticipate the information being shared or made public, and that it believes the information has been deleted without any further replication or dissemination.

PowerSchool has notified Canadian privacy regulators about this incident. (Red River Valley School Division has already informed the Manitoba Ombudsman.)  PowerSchool has or will be notifying individuals by email and we understand the email was or will be sent from one of the following similar email addresses: [email protected]; [email protected]; or [email protected].  Whether or not you receive an email, you may also visit PowerSchool’s website to learn how to activate the identity protection and/or credit monitoring services. The PowerSchool website also includes information in French. For those able to utilize credit monitoring services (anyone age 18 and over), you will be prompted to validate before activating by entering your name and date of birth. Anyone, including those under 18, can utilize the identity protection services. PowerSchool has advised that you can call 833-918-7884 if you have any questions.
 Has the incident been resolved? 

We have been informed that PowerSchool has contained the incident and that there is no evidence of malware or continued unauthorized activity in the PowerSchool environment. There have been no operational impacts on Red River Valley School Division as a result of this incident.

The response
Has law enforcement been notified?

Yes, PowerSchool has advised us that it has notified law enforcement. Has the Manitoba Ombudsman been advised?

Yes, the Manitoba Ombudsman has been advised.

The impact
Why did this happen to Red River Valley School Division?

PowerSchool is a vendor used by many educational institutions in North America. We are a customer of PowerSchool and, as a result of the incident experienced by PowerSchool, we were impacted. We have no reason to believe that the Red River Valley School Division was a specific target in this incident.

The data
Has information been accessed? Was information from the Red River Valley School Division exposed?

You will see that PowerSchool includes in the email a description of some of the information that was potentially involved in the incident. The information involved varies by person. 

For students, the information involved will generally be limited to information parents/guardians provided to the Red River Valley School Division upon registration of their child as a student or any subsequent updates to that information. For many students, the information involved was name, date of birth, gender, phone number, address, doctor’s name and phone number, MET number, school ID number, and/or enrolment/registration records as well as the parent/guardian’s name and contact information. For a small number of students, there was also relevant medical information (e.g., allergies) and/or relevant alerts (e.g., related to discipline, guardian, custody, or other issues).

For staff, the information involved was name, contact information, address, Professional School Personnel number, and/or school ID number.
The email from PowerSchool also refers to Social Insurance Number (SIN) as potentially involved but should also include a statement if there is no evidence that your SIN was involved - please review carefully. As we mentioned previously, based on our own investigation of the information stored in our SIS, we can advise that no parent/guardian, staff, or student SIN, banking, or credit card information has been identified as stored in our SIS and thus was NOT involved in the incident - the email from PowerSchool should thus say there is no evidence your SIN was involved. PowerSchool has nevertheless offered identity protection and/or credit monitoring to all individuals with any information involved. We encourage you to sign up for the services offered by PowerSchool.


Website by SchoolMessenger Presence. © 2025 SchoolMessenger Corporation. All rights reserved.