February 6, 2025
PowerSchool Cybersecurity Update #4
Dear Red River Valley School Division Community,
We are writing to provide a further update about the cybersecurity incident that PowerSchool, our student information system (SIS) provider, recently experienced.
In our previous update, we mentioned that PowerSchool would be providing notice to students, parents/guardians, and educators whose information was involved and that the notice would include information about identity protection and/or credit monitoring services offered. PowerSchool has now advised us that it has initiated the process of notifying those individuals.
PowerSchool will be notifying individuals by email and we understand the email will be sent from [email protected]. We understand these emails will be sent by PowerSchool in the coming weeks.
Whether or not you receive an email, you may also visit PowerSchool’s website to learn how to activate the identity protection and/or credit monitoring services. The PowerSchool website also includes information in French. For those able to utilize credit monitoring services (individuals over 18), you will be prompted to validate before activating by entering your first name, last name, and date of birth. Anyone, including those under 18, can utilize the identity protection services. You may not be able to access the credit monitoring services immediately, as PowerSchool is still updating its list of eligible individuals. PowerSchool indicated that its updates should be completed by the end of February. PowerSchool has advised that you can call 1-833-918-7884 if you have any questions.
We continue to work diligently to request more details from PowerSchool. We also continue to investigate this incident ourselves, with assistance from experts. We may be in touch again with further updates.
There continues to be no operational impact on the Red River Valley School Division (RRVSD) as a result of this incident. PowerSchool has assured us that the incident has been contained.
In RRVSD, we take cybersecurity and protecting information seriously. We will post updates about the PowerSchool cybersecurity incident on our website and social media accounts. We have provided (below and on our website) some answers to questions you may have. If you have any additional questions, they can be directed to [email protected]
Thank you for your continued understanding and patience as we navigate this situation.
Brad Curtis,
Superintendent & CEO
Red River Valley School Division
FREQUENTLY ASKED QUESTIONS
THE INCIDENT
What happened?
On January 7, 2025, PowerSchool informed Red River Valley School Division (RRVSD) that it had experienced a cybersecurity incident involving unauthorized access to certain customer information in late December 2024. RRVSD is a customer of PowerSchool, like many other educational institutions across North America. PowerSchool provides a Student Information System (SIS).
PowerSchool also informed us that the unauthorized access included access to information related to RRVSD. PowerSchool will be notifying individuals by email and we understand the email will be sent from [email protected]. We understand these emails will be sent by PowerSchool in the coming weeks.
Whether or not you receive an email, you may also visit PowerSchool’s website to learn how to activate the identity protection and/or credit monitoring services. The PowerSchool website also includes information in French. Anyone, including those under 18, can utilize the identity protection services. You may not be able to access the credit monitoring services immediately, as PowerSchool is still updating its list of eligible individuals. PowerSchool indicated that its updates should be completed by the end of February. PowerSchool has advised that you can call 1-833-918-7884 if you have any questions.
We have been informed that PowerSchool has contained the incident and that there is no evidence of malware or continued unauthorized activity in the PowerSchool environment. There have been no operational impacts on RRVSD as a result of this incident.
Who did this and for what purpose?
This incident occurred at PowerSchool. We await additional details about the incident from PowerSchool. Unfortunately, organizations across the public and private sectors are increasingly being impacted by incidents like this.
How did you respond to the incident?
Upon becoming aware of the cybersecurity incident, RRVSD has been working diligently to investigate, to request more details from PowerSchool and ask questions about the details it has provided to date. We have also been investigating this incident ourselves, with assistance from experts.
PowerSchool has informed us that it has taken various response actions, including containing the incident, informing law enforcement, investigating the incident, conducting a full internal password reset, and tightening password for all its internal accounts.
PowerSchool is in the process of notifying Canadian regulators about this incident (RRVSD has already notified the Manitoba Ombudsman). PowerSchool will be notifying individuals by email and we understand the email will be sent from [email protected]. We understand these emails will be sent by PowerSchool in the coming weeks. Whether or not you receive an email, you may also visit PowerSchool’s website to learn how to activate the identity protection and/or credit monitoring services. The PowerSchool website also includes information in French. Anyone, including those under 18, can utilize the identity protection services. You may not be able to access the credit monitoring services immediately, as PowerSchool is still updating its list of eligible individuals. PowerSchool indicated that its updates should be completed by the end of February. PowerSchool has advised that you can call 1-833-918-7884 if you have any questions.
How long will the investigation take?
PowerSchool has advised it intends to provide additional details shortly. Once we have additional details from PowerSchool, we will seek to complete our investigation as quickly as possible.
Has the incident been resolved?
We have been informed that PowerSchool has contained the incident and that there is no evidence of malware or continued unauthorized activity in the PowerSchool environment. There have been no operational impacts on RRVSD as a result of this incident.
THE RESPONSE
Has law enforcement been notified?
Yes, PowerSchool has advised us that it has notified law enforcement.
Has the Manitoba Ombudsman been advised?
Yes, the Manitoba Ombudsman has been advised.
THE IMPACT
Why did this happen to RRVSD?
PowerSchool is a vendor used by many educational institutions in North America. We are a customer of PowerSchool and, as a result of the incident experienced by PowerSchool, we were impacted. We have no reason to believe that RRVSD was a specific target in this incident.
THE DATA
Has information been accessed? Was information from RRVSD exposed?
PowerSchool confirmed that there was unauthorized access to certain PowerSchool customer data, including data related to RRVSD. PowerSchool’s investigation is ongoing and we await additional details from PowerSchool.
Based on our own investigation to date of the information stored in our SIS, we can advise that no parent/guardian, staff, or student Social Insurance Number (SIN), banking, or credit card information has been identified as stored in our SIS. PowerSchool has nevertheless advised us that the identity protection and credit monitoring offers mentioned above will be sent to all individuals with any information involved.