Update on PowerSchool Cybersecurity Incident

Update on PowerSchool Cybersecurity Incident
Posted on 01/13/2025
January 13, 2025








Update on PowerSchool Cybersecurity Incident

Dear Red River Valley School Division Community,

We are writing to provide a brief update about the cybersecurity incident that PowerSchool, our student information system provider, recently experienced.

PowerSchool’s investigation is ongoing and we await additional details from PowerSchool about the information accessed as a result of the incident. We empathize with your concerns about this incident that is impacting educational institutions across North America. We also understand that you may be looking for additional details as well. Rest assured that when we have details to share, we are committed to sharing them.

There have been no operational impacts on the Red River Valley School Division as a result of this incident. PowerSchool has assured us that the incident has been contained.

In the Red River Valley School Division, we take cybersecurity and protecting information seriously. We will post updates about the PowerSchool cybersecurity incident on our website and social media accounts. We have provided some answers to questions you may have in a FAQ below. If you have any additional questions, they can be directed to [email protected].

Thank you for your understanding and patience as we navigate this situation.



Brad Curtis
Superintendent & CEO
Red River Valley School Division




Frequently Asked Questions:

The incident

1. What happened?

On January 7, 2025, PowerSchool informed the Red River Valley School Division (RRVSD) that it had experienced a cybersecurity incident involving unauthorized access to certain customer information in late December 2024. RRVSD is a customer of PowerSchool, like many other educational institutions across North America. PowerSchool provides a Student Information System (SIS).
PowerSchool also informed us that the unauthorized access included access to information related to RRVSD. We await additional details from PowerSchool about the information affected and are committing to sharing details when we have them.

2. Who did this and for what purpose?

This incident occurred at PowerSchool. We await additional details about the incident from PowerSchool. Unfortunately, organizations across the public and private sectors are increasingly being impacted by incidents like this.

3. How did you respond to the incident?

Upon becoming aware of the cybersecurity incident, RRVSD has been working diligently to investigate and to learn additional details from PowerSchool. We await additional details from PowerSchool about the information accessed as a result of this incident so we can take further action.
PowerSchool has informed us that it has taken various response actions, including containing the incident, informing law enforcement, investigating the incident, conducting a full internal password reset, and tightening password security for all of its internal accounts.

4. How long will the investigation take?

PowerSchool has advised it intends to provide additional details shortly. Once we have additional details from PowerSchool, we will seek to complete our investigation as quickly as possible.

5. Has the incident been resolved?

We have been informed that PowerSchool has contained the incident and that there is no evidence of malware or continued unauthorized activity in the PowerSchool environment. There have been no operational impacts on RRVSD as a result of this incident.

The response

6. Has law enforcement been notified?

Yes, PowerSchool has advised us that it has notified law enforcement.

7. Has the Manitoba Ombudsman been advised?

Yes, the Manitoba Ombudsman has been advised.

The impact

8. Why did this happen to RRVSD?

PowerSchool is a vendor used by many educational institutions in North America. We are a customer of PowerSchool and, as a result of the incident experienced by PowerSchool, we were impacted. We have no reason to believe that RRVSD was a specific target in this incident.

The data

9. Has information been accessed? Was information from RRVSD exposed?

PowerSchool confirmed that there was unauthorized access to certain PowerSchool customer data, including data related to RRVSD. PowerSchool’s investigation is ongoing and we await additional details from PowerSchool about the information accessed as a result of the incident. We understand that you may be looking for additional details as well. Rest assured that when we have details to share, we are committed to sharing them.

Website by SchoolMessenger Presence. © 2025 SchoolMessenger Corporation. All rights reserved.