PowerSchool cybersecurity incident

Last updated: February 4, 2025

cybersecurity incident involving PowerSchool, a Kindergarten to Grade 12 school software provider, has affected clients in Canada, the United States, and other parts of the world, including the Northwest Territories.

On January 15, 2025, PowerSchool notified the Government of the Northwest Territories (GNWT) that unauthorized access to PowerSchool's cloud environment led to the theft of records from several education bodies in the NWT. As information and facts are verified through the investigation, this page will be updated.

The breach was not within the GNWT’s network.

When did the GNWT find out about the breach? 

The Department confirmed the breach of NWT information on January 15, 2025.

Which education bodies in the Northwest Territories are impacted?

On January 15, 2025, the GNWT confirmed that the breach of PowerSchool’s cloud environment led to the theft of records from the Beaufort Delta Divisional Education Council, Dehcho Divisional Education Council, South Slave Divisional Education Council, Yellowknife Catholic Schools, and Yellowknife Education District No. 1.

As the investigation continued it was later confirmed that the breach also impacted the Dettah District Education Authority and the Ndilǫ Education Authority as these education bodies are included within YK1’s PowerSchool account.  

How do I know if my information or my child’s information was part of the breach?

PowerSchool has been used by all Education Bodies to manage student records at the classroom level since 2012 and houses information for current and historical school staff and students.

On January 30, 2025, the GNWT confirmed that the number of impacted individuals for the NWT is approximately 35,082 (32,734 students and 2,348 educators or staff). 

Individuals affected by the breach will be notified directly by PowerSchool in the coming weeks.

What should I do if I suspect my information or my child’s information was part of the breach?

In January PowerSchool announced that they had engaged TransUnion and Experian, trusted credit reporting agencies, to offer two years of complimentary identity protection services, which will be provided by Experian, for all students and educators whose information from your PowerSchool SIS was involved. PowerSchool will also be offering two years of complimentary credit monitoring services, which will be provided by TransUnion for all students and educators who have reached the age of majority whose information was involved. More information on those protection services is available here: https://www.powerschool.com/security/sis-incident/

What type of information was impacted?

The breach involved current and past student and staff information stored within the PowerSchool system, including:

  • student names
  • student mailing addresses
  • student dates of birth
  • student home phone numbers
  • medical conditions (i.e., asthma, allergies)
  • parent/guardian names
  • teacher names
  • teacher home phone numbers
  • teacher email addresses

How did the breach occur?

PowerSchool’s investigation determined that an unauthorized party gained access to data using a compromised credential belonging to one of their staff. As soon as PowerSchool learned of the incident, they immediately engaged in their cybersecurity response protocols. PowerSchool has implemented enhanced security measures and confirmed that the breach has been contained.

Why does the NWT and other jurisdictions use a third party, like PowerSchool for this data?

Education systems are complex and require an information management system. Jurisdictions, including the NWT, use reputable and trusted applications for this information management.  When using a third party, such as in this case, the GNWT conducts a rigorous privacy impact assessment.
PowerSchool is a student information system that is used extensively by classroom teachers and administrators across the globe. The functionality provided by this system allows for accurate record-keeping on grades, attendance, emergency contact information and much more. Access to this information is limited even within the school environment by role-based login credentials. Only those individuals who have a direct connection to the student’s instruction are permitted access to any data. For example, a student’s contact information is not accessible by teachers who are not instructing that student. There are administrative accounts which do have elevated access privileges; however, those are more restricted.
Using a student information system is essential in being able to generate report cards, official transcripts, and eventually even high school diplomas for students. Losing access to such a system would inherently create harm through loss of efficient delivery of those services.

It has been stated that the PowerSchool breach has been “contained”. What does that mean?

Our assessment is based on updates from PowerSchool: “We do not believe there is an ongoing risk to our systems. We have no evidence of malware or continued unauthorized activity in the PowerSchool environment. PowerSchool is not experiencing, nor does it expect to experience, any operational disruption and continues to provide services as normal to our customers.”

The Privacy Commission of Canada has been notified by PowerSchool about the breach.

What steps did the GNWT take once the breach was confirmed?

Once the breach was confirmed, the GNWT worked quickly to confirm which education bodies were affected and the type of information impacted. Our steps included:

  • working with education bodies to ensure we were notifying school staff and students through letters
  • issuing a public notice
  • setting up an access point (educationoperations@gov.nt.ca) for the public to contact us with their concerns as quickly as possible.
  • notifying the NWT privacy commissioner

The Office of the Chief Information Officer (OCIO) is leading the analysis and investigation within the NWT. 

Where can I get more information?

This webpage will continue to be updated as information and facts are verified through PowerSchool, ECE’s and the OCIO’s analysis.

Staff and students within the impacted education bodies will receive information directly from PowerSchool, their education body, as well as updates from this GNWT webpage as more information becomes available.

News:

January 16, 2025: Cybersecurity incident involving PowerSchool has occurred, NWT information affected

February 4, 2025: Update on PowerSchool data breach