Hacker accessed PowerSchool’s network months before massive December breach

A hacker compromised the U.S. edtech giant PowerSchool months before its ‘massive’ data breach in December, according to a now-published forensic report into the incident conducted by U.S. cybersecurity firm CrowdStrike. In a letter sent to affected customers last week, seen by TechCrunch, PowerSchool confirmed that an investigation into the incident has revealed that its network “experienced unauthorized activity prior to December,” which CrowdStrike dated back to at least August 2024. PowerSchool previously said it detected unauthorized access to its systems between December 19 until it discovered the compromise on December 28, 2024. In its report, CrowdStrike said that a hacker using the same compromised support credentials used in the December breach to access PowerSchool’s network between August 16, 2024, and September 17, 2024. The credentials were used to access PowerSchool PowerSource, the same customer support portal compromised in the December breach to gain access to Powe ... Read full article.