CBC Newfoundland & LabradorMay 12
PowerSchool hack was a ‘significant breach,’ says N.L. privacy commissioner
The Newfoundland and Labrador department of education did not have the proper tools in place to monitor the personal information stored by PowerSchool — which led to a massive privacy breach in which anyone who was a student or had a child in school from 1995 and onward had their personal information stolen.
https://www.cbc.ca/news/canada/newfoundland-labrador/nl-powerschool-privacy-breach-report-9.7196298?cmp=rss
DoomsdaysCWMay 8

#Cyberattack hits #Canvas system used by thousands of schools as #finals loom

By HEATHER HOLLINGSWORTH
Updated 11:19 PM EDT, May 7, 2026

Excerpt: "Connolly said the Canvas attack is strikingly similar to a breach at #PowerSchool, which also offers learning management tools [#LMS]. In that case a Massachusetts college student was charged.

"Connolly described #ShinyHunters as a loose affiliation of teenagers and young adults based in the U.S. and the United Kingdom. The group also has been tied to a other attacks, including one aimed at #LiveNation’s #Ticketmaster subsidiary."

Read more:
https://apnews.com/article/cyberattack-schools-canvas-instructure-shinyhunters-a0d7719689263e6b5f90d0e633391b5b

#CanvasLMS #Instructure #CanvasPlatform #Cyberattack #CanvasSoftware #Education #Technology #Databreach

Cyberattack on Canvas system causes chaos for students at thousands of schools

A cyberattack has caused chaos for students at thousands of schools as they study for finals. The attack Thursday targeted a system that schools and universities use to manage grades, assignments and lecture videos. The hacking group named ShinyHunters claimed responsibility for the breach at Instructure, the company behind the learning management system Canvas. An expert says the hacking group posted online that nearly 9,000 schools worldwide were affected, with billions of private messages and other records accessed.

AP News
Dissent Doe  May 1

This won't be the end of this controversy, but a California court did not dismiss claims against Bain Capital over the PowerSchool data breach. In considering the timeline and the private equity firm's actions before and after its acquisition of PowerSchool in 2024, the court noted, in part:

"Post-closing, Bain directed PowerSchool to offshore cybersecurity, engineering, and IT functions to contractors, including offshoring required data-management tools that enabled vendors to bypass consent protocols and access protected school district computers directly.

Bain failed to assess data-breach risks from the offshoring it directed.

Post-closing, Bain directed layoffs of at least 5% of PowerSchool’s workforce, including critical domestic IT staff."

Read more from Womble Bond Dickinson at https://www.womblebonddickinson.com/us/insights/alerts/unprecedented-private-equity-firm-potentially-hook-portfolio-companys-data-breach

h/t, JDSupra, The National Law Review

@douglevin @funnymonkey

#EdTech #Liability #negligence #PowerSchool #BainCapital #hackandleak

Unprecedented: Private Equity Firm Potentially on Hook for Portfolio Company’s Data Breach

In a first of its kind, a California federal judge allowed claims against Bain Capital to proceed based on a data breach at its subsidiary, PowerSchool. Notably, many of the claims are based on conduct that occurred before Bain’s acquisition of PowerSchool. Although the case will continue

Womble Bond Dickinson
The New OilApr 21

20-Year-Old Enters Prison for Historic Breach, Ransoming of Massive Student Database

https://yro.slashdot.org/story/26/04/18/156236/20-year-old-enters-prison-for-historic-breach-ransoming-of-massive-student-database

#PowerSchool #privacy #cybersecurity #DataBreach #cybercrime #education

20-Year-Old Enters Prison for Historic Breach, Ransoming of Massive Student Database - Slashdot

20-year-old Matthew Lane sent a text message to ABC News as his parents drove him to federal prison in Connecticut. "I'm just scared," he said, calling the whole situation "extremely sad." Barely a year earlier, while still a teenager, he helped launch what's been described as the biggest cyberat...

Bob CarverApr 14
'Addicted to hacking': Young hacker behind historic breach speaks out for 1st time, before reporting to prison - ABC News https://abcnews.com/US/addicted-hacking-young-hacker-historic-breach-speaks-1st/story?id=131855776 #cybersecurity #cybercrime #PowerSchool #ransom
David T.S. FraserDec 14
The #PowerSchool breach, explained: what happened, what data was exposed, and what Ontario and Alberta regulators found. Under Canadian #privacy laws, there's no outsourcing accountability. And if you don't need it, don't collect it or retain it. New on my YouTube channel: https://youtu.be/l4ytObPKx2A
When student data is hacked & stolen: Regulators’ lessons from the #PowerSchool data breach

YouTube
Robby Barnes Nov 24, 2025
This feels like the companies that blame users for having bad passwords in a breach. Maybe technically true in a way, but come on... Under staffed under resourced schools aren't responsible for a vendor's failing. The vendor is. #PowerSchool https://www.theregister.com/2025/11/20/powerschool_breach_reports/
Education boards left gates wide open for PowerSchool mega-breach, say watchdogs

: Privacy cops say attack wasn't just bad luck but a result of sloppy homework

The Register
TechNaduOct 16, 2025

🚨 PowerSchool Hacker Sentenced: 4 Years for 62M Student Data Breach
Matthew D. Lane, 19, hacked PowerSchool, stole sensitive info, demanded ransom, and now faces 4 years in prison with $14M restitution & $25K fine.

💬 How should K-12 platforms secure sensitive student and teacher data? Comment & follow @technadu for expert cybersecurity coverage.

#CyberSecurity #DataBreach #K12Security #PowerSchool #StudentData #Ransomware #Infosec #DigitalSafety #TechNadu #CyberCrime

Dissent Doe  Oct 14, 2025

Earlier today, Matthew Lane, the 19-year old from Massachusetts who confessed to hacking a telecom and #PowerSchool, was sentenced to 4 years in prison, 3 years supervised release after that, $14M in restitution, and forfeiture of $160k.

#EduSec #cybersecurity #ShinyHunters #G0retrance #databreach

CyberVeille.chOct 13, 2025
📢 Sept ans requis contre un hacker de 19 ans pour le piratage de PowerSchool et le vol de données massives
📝 Selon l’article, les procureurs demandent une peine de sept ans de prison contre Matthew Lane (19 ans...
📖 cyberveille : https://cyberveille.ch/posts/2025-10-13-sept-ans-requis-contre-un-hacker-de-19-ans-pour-le-piratage-de-powerschool-et-le-vol-de-donnees-massives/
🌐 source : https://therecord.media/powerschool-prison-sentence-hacker
#PowerSchool #hacking #Cyberveille
Sept ans requis contre un hacker de 19 ans pour le piratage de PowerSchool et le vol de données massives

Selon l’article, les procureurs demandent une peine de sept ans de prison contre Matthew Lane (19 ans, Massachusetts), après son plaidoyer de culpabilité pour le piratage des bases de données de l’entreprise d’edtech PowerSchool et le vol de données à grande échelle. 🎯 Cible: PowerSchool (edtech) 📦 Données compromises: >60 millions d’élèves et 9 millions d’enseignants 👤 Auteur: Matthew Lane, 19 ans ⚖️ Procédure: Plaidoyer de culpabilité; requête des procureurs: 7 ans de prison Un mémo de condamnation déposé mardi indique que Lane aurait également piraté au moins sept autres victimes depuis 2021, dont des entités gouvernementales étrangères.

CyberVeille