This is a developing story.
The Juneau School District notified staff and families that the district was unaffected by a national cybersecurity incident involving PowerSchool on Friday — however, on Tuesday, JSD confirmed it was indeed impacted.
On Friday, PowerSchool, a company that provides the district its student information system, alerted JSD of a cybersecurity strike involving unauthorized access to certain customer data. Kristin Bartlett, the district’s chief of staff, wrote in an email that PowerSchool confirmed through a forensic investigation that information related to products in use by JSD were not affected in the incident.
But on Tuesday evening, Bartlett wrote in another message to staff and families that “PowerSchool has now reversed course and said that JSD has ‘been affected by the breach.’”
Following the notification from PowerSchool, the JSD IT Department reviewed data logs to independently verify the PowerSchool report. JSD IT initially found no evidence of a data breach, according to Bartlett. During a continued examination of data logs for preceding dates, JSD IT discovered suspicious activity.
“JSD IT immediately reported the suspicious activity to PowerSchool,” Bartlett wrote. “Our PowerSchool representative sent JSD the following reply: ‘I can confirm that you have been affected by the breach.’”
The JSD IT and Student Assessment team conducted an independent review based on the information included in data logs. The district is currently awaiting notification from PowerSchool with details of the breach affecting the product.
In the email sent to staff and families, Bartlett wrote that JSD does not store social security numbers, driver’s license numbers, or any credit card information through PowerSchool.
“Thus far, PowerSchool has indicated, regarding other, non-JSD breaches, that the affected data includes parent, student and staff contact information, such as name and address information,” Bartlett wrote.
Along with warning staff, families and students to be cautious of phishing and social engineering attacks, Bartlett directed them to PowerSchool’s FAQ page. She also wrote that the JSD IT Help Desk will never ask someone for their current password.
“JSD has trusted PowerSchool with data for many years,” she wrote. “Protecting this data is something the district takes very seriously.”
• Contact Jasz Garrett at jasz.garrett@juneauempire.com or (907) 723-9356.
