Following a significant data breach at PowerSchool, the leading cloud-based edtech supplier, harrowed victims rallied to unravel the hack’s full extent. PowerSchool harboured a wealth of private data, including grades, medical records and social security numbers for over 60 million students and teachers worldwide. After PowerSchool reported the breach, albeit without insight into the stolen data, affected educational institutions were left clueless about the depth of the violation.
Romy Backus, an employee at the American School of Dubai, quickly responded to this intimidating revelation. Backus set about her own investigation to assess exactly what information was stolen from her school’s platform.
Eager for more concrete insights, Backus realized she was not alone in her pursuit. Sharing difficulties originating from unclear and occasionally misleading communication from PowerSchool, many others in similar positions sought to gain a clear depiction of the damage done.
Amid the chaos and confusion, a community of swift-actioning investigators emerged. Leveraging email chains and forums, PowerSchool users worldwide started comparing notes, sharing resources, and helping each other. Tracy Backus’ collaboration with colleagues across Europe and the Middle East resulted in an expansive how-to guide to assess the theft, now shared and accessed across the globe.
Backus’ initiative embodied the spirit of this remarkable community. Their collective effort on informal platforms like Reddit was driven by solidarity and necessity, largely due to PowerSchool’s sluggish response.
Doug Levin, the co-founder of a non-profit aiding schools with cybersecurity, highlighted the significance of this open collaboration. Despite most of these schools lacking the staffing and skill to manage such incidents, their joint effort proved powerful in responding to this unprecedented situation.
PowerSchool acknowledged its appreciative customers, celebrating their dedication to information sharing and peer support as they continue to address this security incident.
Original source: Read the full article on TechCrunch
