Email to impacted individuals - Thu, Jan 9, 11:09 AM
Dear Pony families and staff,
On Tuesday, Jan. 7, we were informed of a cybersecurity incident involving unauthorized access to certain information within PowerSchool, our Student Information System (SIS). This breach originated with PowerSchool, and impacted school districts nationwide. The breach was not due to vulnerabilities in our district’s systems.
The data has not been made public. According to PowerSchool, the data involved was deleted by the threat actor as part of their interactions with the company.
What Happened?
A threat actor gained access to our SIS data by a third-party vendor hosting PowerSchool through compromised credentials. PowerSchool responded immediately by implementing their cybersecurity protocols, retaining third-party cybersecurity experts, and notifying the FBI.
Upon learning of this incident Tuesday afternoon, Stillwater schools immediately activated our own cybersecurity response plan. We have been collaborating with PowerSchool and our third party cyber security experts to fully assess the scope of the breach and identify the information involved.
Impact of the Incident
The following information was accessed during the breach:
- Student Information: Names, addresses, birthdates, emergency contacts, homeroom teachers, enrollment dates, guardian phone numbers and some individual emergency contacts.
- Staff Information: Names, district email addresses and district phone numbers.
It is important to note that no financial information or social security numbers were accessed, as the district does not retain that type of information on students or within PowerSchool for staff.
Next Steps
Our team is actively participating in PowerSchool's informational sessions, investigating internally, and coordinating with other affected school districts to gather insights and ensure our systems are secure into the future.
There is no evidence that the accessed data has been shared or misused, and families do not need to take any action. Should this change or should additional information come to light, we will notify you promptly. We will also be sharing a formal investigative report in the near future.
We appreciate your understanding and patience as we address this matter. Please be assured that the safety and security of our students and staff remain a top priority.
If you have questions or concerns, please contact comments@stillwaterschools.org .
Sincerely,
Dr. Mike Funk, Superintendent