Dear Crusader Families,

We are writing to inform you of a data breach that affected SHDHS as part of a larger incident involving PowerSchool, a Student Information System (SIS) used by schools nationwide. The breach occurred between December 19 and 28, 2024, when a threat actor gained unauthorized access to data from districts across the country, including SHDHS. SHDHS became aware of the breach on January 7, 2025 and was notified by PowerSchool that SHDHS was affected on January 8, 2025.

Here’s what we know so far:

Data Affected: The breach impacted two SHDHS data tables in the new SIS, including records of both teachers and students. We are actively working with PowerSchool to determine exactly what data was impacted and will share additional information in a follow-up communication.  

Mitigation Steps: PowerSchool has confirmed that the breached data file has been deleted and is no longer accessible. They have also notified the FBI and hired a cybersecurity firm, CrowdStrike, to assist in addressing the breach. CrowdStrike has reported that at this time no data from the breach has been found on the dark web, and they continue to monitor this space.

While PowerSchool is responsible for this incident and its impact, our team acted swiftly once we were notified and is continuing to investigate. SHDHS understands the importance of your trust and is diligently committed to protecting our student and staff data. 

With that said, please see the information provided by PowerSchool below, and if you have additional questions, please use the following link to contact the SHDHS Tech Department. 

Contact SHDHS - https://events.shdhs.org/powerschool-questions/

Message from PowerSchool SIS

We are writing to make you aware of a recent cybersecurity incident involving PowerSchool, a software vendor which provides our Student Information System (SIS).

On Tuesday, January 7, 2025, PowerSchool informed our leadership team that they experienced a cybersecurity incident involving unauthorized access to certain PowerSchool SIS customer data. Unfortunately, they have confirmed that the information belongs to some of SHDHS’s families and educators.

PowerSchool informed us that the taken data primarily includes parent and student contact information with data elements such as name and address information. Across their customer base, they have determined that for a portion of individuals, some personally identifiable information (PII), such as social security numbers (SSN) and medical information, was impacted. They are working with urgency to complete their investigation and determine whether PII belonging to our students was included.

Protecting our students is something we take seriously. With PowerSchool’s help, more information and resources (including credit monitoring or identity protection services if applicable) will be provided to you as it becomes available.

Thank you for your patience and understanding.

PowerSchool

 

Sincerly,

Jorge L. Carbwood
Director of Technology

St. Henry District High School
859-525-0255 ext. 2820
3755 Scheben Drive
Erlanger, KY 41018


--

This message was sent to by info@shdhs.org.

To forward this message, please do not use the forward button of your email application, because this message was made specifically for you only. Instead use the forward page in our newsletter system.
To change your details and to choose which lists to be subscribed to, visit your personal preferences page.

powered by phpList 3.6.15, © phpList ltd