Photo: Getty Images
The Delaware Valley School District (DVSD) in Milford experienced a data breach over the recent holiday break. The breach targeted the district's Learning Management System, PowerSchool, which is widely used by over 17,000 schools nationwide. According to Superintendent Dr. Brian Blaum, the breach exposed names and phone numbers of students and faculty, but the information was not more than what could be found through a Google search.
PowerSchool, a cloud-based K-12 software provider, confirmed that a compromised credential was used to access its PowerSource customer support portal. The breach involved unauthorized access to two tables containing family and teacher information from PowerSchool’s Student Information System database. This included personally identifiable data such as contact information, and in some cases, Social Security numbers and medical data were also exposed.
PowerSchool officials are working with CrowdStrike, a cybersecurity company, to investigate the situation and provide dark web monitoring. The company is also offering credit monitoring support to affected districts and advising them to contact their cyber insurance brokers. The investigation is ongoing, and PowerSchool is reaching out to affected schools to communicate the incident.
A phone message was expected to be sent out to inform families of the cyberattack, and anyone concerned about the breach can contact the school. The next school board meeting is scheduled for February 20 at the Delaware Valley Administration Building.