UPDATE Feb. 27, 2025: Per PowerSchool, Notifications to potentially impacted students/parents and staff will soon be sent. These notifications will come from Experian, using one of the following email addresses.

UPDATE Jan. 27, 2025: Please view these updates and FAQs from PowerSchool.

Joplin Schools Community,

Earlier this week, PowerSchool notified our IT department that Joplin Schools was among PowerSchool’s many worldwide clients whose data may have been accessed during a cybersecurity incident in late December. PowerSchool became aware of the breach on Dec. 28, 2024.

In light of this disclosure, our IT department researched the access to our system and found that Powerschool’s compromised account did access our system on December 22, 2024. We are awaiting more information, but we want our community to be aware of the ongoing situation being investigated at this time.

What happened?
According to PowerSchool, someone used a compromised credential to access data stored in the Student Information System (SIS) of many PowerSchool clients. When PowerSchool became aware of the incident, they notified law enforcement, locked down the system, and engaged the services of CyberSteward, a professional advisor with experience in negotiating with threat actors. PowerSchool states that they have received “reasonable assurances from the threat actor that the data has been deleted and that no additional copies exist.”

What data was accessed?
Our IT team has investigated access logs during the suspected time period. It has been found that Personally Identifiable Information (PII) for staff and students was accessed. At this time, we believe the following current and former student and staff data was accessed: 

• Directory information including student and staff names and addresses (this information is always available, so it is not considered to be PII)
• Social Security Numbers in some but not all cases  
• Some medical alert information
• Parent/guardian names

No passwords appear to have been accessed, so no student or staff login credentials were compromised. With the help of PowerSchool support, we will continue to narrow down the impacts of the cybersecurity incident, and will work with PowerSchool to ensure that any impacted individuals are notified and that appropriate next steps are taken.

What happens next?
PowerSchool has stated, “While we are unaware of and do not expect any actual or attempted misuse of personal information or any financial harm to impacted individuals as a result of this incident, PowerSchool will be providing credit monitoring to affected adults and identity protection services to affected minors in accordance with regulatory and contractual obligations.” PowerSchool is also continuing to work with the FBI to monitor the situation.

While PowerSchool is responsible for this incident and its impact, and it is not something Joplin Schools could have prevented, out of an abundance of caution, Joplin Schools has notified its cybersecurity contractor, Crowdstrike, to direct our further response. Crowdstrike is also working directly with PowerSchool to investigate the incident and anticipates a full report will be available around January 17, 2025. Joplin Schools is also in consultation with district cybersecurity insurance provider, Travelers, as directed by District Policy. 

Who can I contact with questions and concerns?
We anticipate PowerSchool will provide impacted individuals with resources and additional information which we will share when it is made available to us. We will also post updates about this situation on our website and in ParentSquare.

Joplin Schools is committed to protecting our student, staff, and family data and will continue to communicate with transparency about this event. Any and all updates about this incident will be shared as our understanding progresses.

Sincerely,
Dr. Kerry Sachetta
Joplin Schools Superintendent