Dissent Doe  May 1

This won't be the end of this controversy, but a California court did not dismiss claims against Bain Capital over the PowerSchool data breach. In considering the timeline and the private equity firm's actions before and after its acquisition of PowerSchool in 2024, the court noted, in part:

"Post-closing, Bain directed PowerSchool to offshore cybersecurity, engineering, and IT functions to contractors, including offshoring required data-management tools that enabled vendors to bypass consent protocols and access protected school district computers directly.

Bain failed to assess data-breach risks from the offshoring it directed.

Post-closing, Bain directed layoffs of at least 5% of PowerSchool’s workforce, including critical domestic IT staff."

Read more from Womble Bond Dickinson at https://www.womblebonddickinson.com/us/insights/alerts/unprecedented-private-equity-firm-potentially-hook-portfolio-companys-data-breach

h/t, JDSupra, The National Law Review

@douglevin @funnymonkey

#EdTech #Liability #negligence #PowerSchool #BainCapital #hackandleak

Unprecedented: Private Equity Firm Potentially on Hook for Portfolio Company’s Data Breach

In a first of its kind, a California federal judge allowed claims against Bain Capital to proceed based on a data breach at its subsidiary, PowerSchool. Notably, many of the claims are based on conduct that occurred before Bain’s acquisition of PowerSchool. Although the case will continue

Womble Bond Dickinson
The New OilApr 21

20-Year-Old Enters Prison for Historic Breach, Ransoming of Massive Student Database

https://yro.slashdot.org/story/26/04/18/156236/20-year-old-enters-prison-for-historic-breach-ransoming-of-massive-student-database

#PowerSchool #privacy #cybersecurity #DataBreach #cybercrime #education

20-Year-Old Enters Prison for Historic Breach, Ransoming of Massive Student Database - Slashdot

20-year-old Matthew Lane sent a text message to ABC News as his parents drove him to federal prison in Connecticut. "I'm just scared," he said, calling the whole situation "extremely sad." Barely a year earlier, while still a teenager, he helped launch what's been described as the biggest cyberat...

Bob CarverApr 14
'Addicted to hacking': Young hacker behind historic breach speaks out for 1st time, before reporting to prison - ABC News https://abcnews.com/US/addicted-hacking-young-hacker-historic-breach-speaks-1st/story?id=131855776 #cybersecurity #cybercrime #PowerSchool #ransom
David T.S. FraserDec 14
The #PowerSchool breach, explained: what happened, what data was exposed, and what Ontario and Alberta regulators found. Under Canadian #privacy laws, there's no outsourcing accountability. And if you don't need it, don't collect it or retain it. New on my YouTube channel: https://youtu.be/l4ytObPKx2A
When student data is hacked & stolen: Regulators’ lessons from the #PowerSchool data breach

YouTube
Robby Barnes Nov 24
This feels like the companies that blame users for having bad passwords in a breach. Maybe technically true in a way, but come on... Under staffed under resourced schools aren't responsible for a vendor's failing. The vendor is. #PowerSchool https://www.theregister.com/2025/11/20/powerschool_breach_reports/
Education boards left gates wide open for PowerSchool mega-breach, say watchdogs

: Privacy cops say attack wasn't just bad luck but a result of sloppy homework

The Register
TechNaduOct 16, 2025

🚨 PowerSchool Hacker Sentenced: 4 Years for 62M Student Data Breach
Matthew D. Lane, 19, hacked PowerSchool, stole sensitive info, demanded ransom, and now faces 4 years in prison with $14M restitution & $25K fine.

💬 How should K-12 platforms secure sensitive student and teacher data? Comment & follow @technadu for expert cybersecurity coverage.

#CyberSecurity #DataBreach #K12Security #PowerSchool #StudentData #Ransomware #Infosec #DigitalSafety #TechNadu #CyberCrime

Dissent Doe  Oct 14, 2025

Earlier today, Matthew Lane, the 19-year old from Massachusetts who confessed to hacking a telecom and #PowerSchool, was sentenced to 4 years in prison, 3 years supervised release after that, $14M in restitution, and forfeiture of $160k.

#EduSec #cybersecurity #ShinyHunters #G0retrance #databreach

CyberVeille.chOct 13, 2025
📢 Sept ans requis contre un hacker de 19 ans pour le piratage de PowerSchool et le vol de données massives
📝 Selon l’article, les procureurs demandent une peine de sept ans de prison contre Matthew Lane (19 ans...
📖 cyberveille : https://cyberveille.ch/posts/2025-10-13-sept-ans-requis-contre-un-hacker-de-19-ans-pour-le-piratage-de-powerschool-et-le-vol-de-donnees-massives/
🌐 source : https://therecord.media/powerschool-prison-sentence-hacker
#PowerSchool #hacking #Cyberveille
Sept ans requis contre un hacker de 19 ans pour le piratage de PowerSchool et le vol de données massives

Selon l’article, les procureurs demandent une peine de sept ans de prison contre Matthew Lane (19 ans, Massachusetts), après son plaidoyer de culpabilité pour le piratage des bases de données de l’entreprise d’edtech PowerSchool et le vol de données à grande échelle. 🎯 Cible: PowerSchool (edtech) 📦 Données compromises: >60 millions d’élèves et 9 millions d’enseignants 👤 Auteur: Matthew Lane, 19 ans ⚖️ Procédure: Plaidoyer de culpabilité; requête des procureurs: 7 ans de prison Un mémo de condamnation déposé mardi indique que Lane aurait également piraté au moins sept autres victimes depuis 2021, dont des entités gouvernementales étrangères.

CyberVeille
ransomNewsOct 12, 2025
🔎  PowerSchool hacker faces sentencing after $14M damages Matthew Lane, aka “g0retrance,” M19, awaits sentencing for #PowerSchool and telecom hacks after pleading guilty to cyber extortion and identity theft. Once a would-be white hat ignored by MIAA, faces up to 84 months and $14M restitution.
Dissent Doe  Oct 4, 2025

NEW: PowerSchool hit by Salesloft Drift campaign, but hackers claim that there is no risk of harm or ransom

https://databreaches.net/2025/10/04/powerschool-hit-by-by-salesloft-drift-campaign-but-hackers-claim-that-there-is-no-risk-or-harm-or-ransom/

#PowerSchool #EduSec #EdTech #Salesloft #Salesforce #cybersecurity #databreach

@douglevin @funnymonkey @brett @mkeierleber @campuscodi

PowerSchool hit by Salesloft Drift campaign, but hackers claim that there is no risk of harm or ransom – DataBreaches.Net

As noted on Reddit , PowerSchool appears to have been one of many victims of the Salesloft Drift/Salesforce campaign by Scattered LAPSUS$ Hunters. Like many oth

DataBreaches.Net