On Tuesday, PowerSchool informed the Jamestown Public Schools leadership team that it experienced a cybersecurity incident involving unauthorized access to certain PowerSchool student information systems. Jamestown Public Schools was among PowerSchool’s many worldwide clients affected.

“PowerSchool will be providing us with more detailed information and resources. We will share all relevant information as it becomes available to us,” the district said in a statement on Friday. “While PowerSchool is responsible for this incident and its impact, JPS is committed to protecting our student, staff and family data and will continue to communicate with transparency about this incident.”

District officials attended a detailed debrief by PowerSchool about the data event to learn more information and more information will be released to JPS constituents as it becomes available.

— What happened? — According to PowerSchool, a threat actor used a compromised administrative PowerSchool credential belonging to a sub-contractor to access data stored in the global PowerSource management system. When PowerSchool became aware of the incident on Dec. 28, 2024, they notified law enforcement, locked down the system and engaged the services of CrowdStrike (a cybersecurity company that develops software to help companies detect, prevent, and respond to cyberattacks) and Cyber Steward (a professional advisor with experience in negotiating with threat actors).

— What data could have been accessed? — PowerSchool has notified JPS that the data accessed primarily includes student, parent, and staff contact information such as name, address, and phone numbers. JPS does not retain social security numbers in PowerSchool, and no financial information was included in the data event.

PowerSchool states they have received “reasonable assurances from the threat actor that the data has been deleted and that no additional copies exist. We do not anticipate the data being shared or made public, and we believe it has been deleted without any further replication or dissemination. We have a video confirming deletion and are actively searching the dark web to confirm.”

— What happens next? — PowerSchool has stated the incident is contained, and they have no evidence of malware or continued unauthorized activity in the PowerSchool environment. They are not experiencing, nor expect to experience, any operational disruption and they continue to provide services as normal to school districts.

PowerSchool has stated, “While we are unaware of and do not expect any actual or attempted misuse of personal information or any financial harm to impacted individuals as a result of this incident.”