Data Breach Summary
Perkins School for the Blind is among the schools affected by a recent cybersecurity breach involving PowerSchool, a widely used student information system (SIS) across North America. The breach, which occurred around December 22, 2024, resulted in the unauthorized access of personal information, including social security numbers (SSN) and medical details of some individuals connected to the school.
The breach, which affected multiple school districts across the country, has raised concerns about the security of student and staff data. According to an internal assessment conducted by the district, the breach compromised some of the district’s data, primarily including contact information for both past and current students and staff. The South Carolina Department of Education issued a press statement on January 8, 2025, regarding the data breach. This incident has also affected other schools, including Lexington School District Four, Camas County School District and Lancaster County School District.
PowerSchool, a leading provider of educational technology, disclosed that the breach compromised the personal information of students and educators across K-12 districts in the U.S. The breach, which began on December 19, 2024, was not detected until December 28, 2024. Hackers gained access to the PowerSchool portal through stolen credentials and exploited a maintenance tool known as the “export data manager.” Typically used by PowerSchool engineers to troubleshoot the Student Information System (SIS), the attackers were able to extract data from the “Students” and “Teachers” tables into a CSV file, which was subsequently stolen. This tool is designed to help customer support teams maintain and optimize database performance.
The South Carolina Department of Education (SCDE), in coordination with the South Carolina Law Enforcement Division (SLED) and other federal and state agencies, has launched a comprehensive investigation into the breach. The full extent of the breach is still under review.
Affected individuals are advised to contact the three major consumer reporting agencies—Equifax, Experian, and TransUnion—directly to request a freeze on their credit. The school also encourages individuals to regularly monitor their accounts for any signs of suspicious activity and to follow further instructions provided in their notification letters.
Individuals associated with Perkins School for the Blind are advised to remain vigilant for any signs of suspicious activity involving their personal data. To protect against potential risks, it’s recommended to regularly monitor financial statements, update passwords, and exercise caution with unsolicited communications, such as phishing attempts. For additional guidance on safeguarding your information following a data breach, we encourage you to review this resource on responding to data breaches and the proactive steps you can take to protect yourself.
After reviewing the affected data, it was confirmed that a document containing personal information, including name, social security number, PII, medical details, even academic record, and other sensitive details, had been accessed.
If you received a data breach notification from Perkins School for the Blind, it likely means your information was affected. Class Action U, in partnership with KO Lawyers, is supporting individuals impacted by the Perkins School for the Blind data breach. If your information was exposed in this breach, you may be eligible to join a class action lawsuit to seek compensation for:
A successful case could also compel Perkins School for the Blind, to enhance its security practices to prevent similar incidents in the future. Contact Class Action U today to explore your legal options and protect your rights.
©2024 ClassActionU