Press Release: On the afternoon of Tuesday, January 7, PowerSchool alerted North Carolina public schools and the North Carolina Department of Public Instruction (NCDPI) to a cybersecurity incident impacting student and teacher data across their global client base. This incident was not isolated to North Carolina. PowerSchool is a student information system (SIS) that has been in use in North Carolina since 2013.

On December 28, 2024, PowerSchool became aware of a cybersecurity incident that began on December 19, 2024, involving unauthorized access to student and teacher data. The data breach occurred when the credentials of a PowerSchool contract employee were compromised. PowerSchool has shared that they believe the threat has been contained and that the compromised data was not shared and has been destroyed. PowerSchool is working with law enforcement to monitor the dark web for any data exposure.

PowerSchool has indicated that it is not experiencing any operational disruptions and continues to provide services.

Davidson County Schools will work alongside NCDPI and PowerSchool, to ensure that all required notifications are conducted.

It is important to stress that there is nothing that Davidson County Schools or NCDPI could have done to avoid this cybersecurity incident. Neither our schools nor DPI have administrative access to the maintenance tunnel where the breach occurred.

In the coming days, impacted students and staff will receive notification. Protecting student and educator data is a top priority, and we are taking this matter very seriously. NCDPI is committed to protecting our students and staff, and they are actively advocating for each of them as we navigate this situation with PowerSchool.

Thank you for your support.