PowerSchool Cybersecurity Update

Skip Sidebar Navigation
PowerSchool Cybersecurity Update
c
Transportation Redefined - Transition Plan
2025-2026 Budget Information
PowerSchool Cybersecurity Update
Pre-K or Kindergarten Registration Survey
Community Eligibility Provision Update
Bemus Point CSD Census
Capital Improvement Project
SmartSchools Bond Initiative
Last item for navigation
PowerSchool Cybersecurity Update
Posted on 02/07/2025

Bemus Point CSD Affected by PowerSchool Data Incident 

As part of our commitment to transparency and the safety of our students, Bemus Point CSD is informing the public about a recent cybersecurity incident involving the PowerSchool student information system. 

On December 28, 2024, PowerSchool became aware of unauthorized access to certain information through one of their customer support portals. An investigation revealed that an unauthorized party accessed PowerSchool customer data, including student, staff, and alumni information dating back several years. Bemus Point CSD was notified on January 7, 2025. 

PowerSchool has created a webpage and is offering credit/identity monitoring for any student, teacher, or alumni. For more information, please visit PowerSchool's dedicated page (https://www.powerschool.com/security/sis-incident/notice-of-united-states-data-breach/). Bemus Point CSD encourages anyone- students, staff, and alumni- who were impacted by this incident to take advantage of the available resources as a precaution. 

Commitment to Security: Safety and security—both in-person and online—remain our highest priority. We are closely monitoring PowerSchool’s investigation and actively reviewing our own practices to ensure the continued protection of student and staff information. 



FAQs

What exactly happened in the PowerSchool incident? On December 28, 2024, PowerSchool discovered a cybersecurity incident involving unauthorized access to certain information through their customer support portal, PowerSource. This incident affected student, alumni, and staff information.

This was a nationwide incident and impacted hundreds of school districts across the country.

When was the district notified about the incident? The district was notified on January 7, 2025 that we were impacted by PowerSchool.

How many student records were impacted in our district? [Insert the number of student/teacher records impacted in the district here.]

What specific data fields were accessed? The accessed information included the following data fields: [Insert specific \ data fields here.]

Is there any evidence that the accessed information has been used maliciously? We have not been made aware that any of the data accessed has been used maliciously at this time.

What steps are being taken to protect affected individuals? PowerSchool is offering credit and identity monitoring for impacted parties for the next two years. You can access these resources through the link provided on our school website. (LINK: Notice of Data Breach For Individuals in the United States | PowerSchool)

How can I access the resources provided by PowerSchool? You can visit the webpage created by PowerSchool at https://www.powerschool.com/security/sis-incident/notice-of-united-states-data-breach/ or find the link on our school website.

What measures are being taken to prevent future incidents? We are closely monitoring PowerSchool’s investigation and actively reviewing our own practices to ensure the continued protection of student information. We hold our partners to the highest security standards.

What actions should parents take if they suspect their child's information has been misused? If parents suspect their child's information has been misused, they should regularly monitor their child's credit report and financial accounts for any unusual activity. It's also a good idea to place a fraud alert with a major credit bureau and consider freezing their child's credit to restrict access. Any suspicious activity should be reported immediately to financial institutions, credit bureaus, the FTC, and local law enforcement.

Parents should take advantage of the credit and identity monitoring services offered by PowerSchool and educate their child about protecting personal information. These steps can help mitigate risks and protect their child's information.

Why did it take so long to be notified? With an unauthorized access incident of this scale, the investigation and implementation of resources took some time to get into place. You are receiving this notification as soon as the district was made aware of the scope of the incident and available resources were provided by PowerSchool.

How will this incident impact the daily operations of the school? This incident did not cause any disruptions to student learning or school operations.

Are there any costs associated with the credit/identity monitoring services provided? It is our understanding that two years of credit/identity monitoring will be available at no cost from Experian on behalf of PowerSchool.

Website by SchoolMessenger Presence. © 2025 SchoolMessenger Corporation. All rights reserved.