January 17, 2025
Spartan Families and Staff,
I am writing to inform you about a cybersecurity incident involving PowerSchool, a student information system our district uses to manage and protect student and staff data. PowerSchool supports over 60 million students and has over 18,000 customers worldwide, including many Oklahoma districts. Their system includes demographic and personal data connected to thousands of students and staff, including those in Bixby Schools.
On or about December 28, 2024, PowerSchool experienced a cybersecurity breach that allowed unauthorized individuals to access certain databases. Upon discovering the incident, PowerSchool immediately launched an investigation involving cybersecurity experts and law enforcement to determine the scope of the breach.
Based on the information provided to us by PowerSchool, the breach may have included the following types of data currently held in our system:
Student information: names, grades, addresses, dates of birth, school ID numbers, bus routes, bus assignments, and contact details.
Staff information: names, contact details, teacher numbers, teaching assignments, ethnicity, and some password information.
Since our district does not enter financial data or SSNs into the PowerSchool system, none of this information was accessed by this breach.
PowerSchool recently issued a public statement and a set of community-facing FAQs HERE. It has also informed schools that it took immediate steps to contain the breach, including deactivating the compromised credentials, enhancing security protocols, and monitoring for potential data misuse.
At Bixby, protecting our students' and staff's privacy and security is a top priority. Despite PowerSchool's assurances that the data was secured, we share your concerns and frustration with this situation. We are working closely with representatives to understand the full extent of the incident and ensure that any school-based vulnerabilities are addressed.
While there is no evidence of data misuse, we encourage you to monitor your accounts for unusual activity and be cautious of phishing emails or unsolicited communications.
The district will continue to monitor this situation closely and provide updates as necessary. If you have any questions or need additional assistance, please do not hesitate to contact our technology department at 918.366.2370. If you wish to contact PowerSchool directly, the following information is available on their website: 877-873-1550 or Security@PowerSchool.com.
Sincerely,
Supt. Miller