Audit reveals Powerschool’s security failure in Rochester City School District data breach – News10NBC

ROCHESTER, N.Y. — New details have emerged about the data breach that impacted students in the Rochester City School District. An audit reveals that PowerSchool, the company breached, did not implement basic security measures.
According to cybersecurity firm CrowdStrike, PowerSchool failed to use multi-factor authentication. Hackers did not employ malware or exploit a backdoor; instead, they accessed the system using a single employee’s password.
A source informed News10NBC that PowerSchool paid a ransom to the hackers. In return, the hackers provided a video showing them supposedly deleting the stolen data.
The Rochester City School District reported on Tuesday that hackers accessed the records of approximately 134,000 students and staff.
A.I. assisted with the formatting of this story. Click here to see how WHEC News10NBC uses A.I.
Any person with disabilities who needs help accessing the content of the FCC Public file should contact Gini Darden at gini.darden@whec.com or 585-546-1705
This website is not intended for users located within the European Economic Area.
© WHEC-TV, LLC
A Hubbard Broadcasting Company

source
This is a newsfeed from leading technology publications. No additional editorial review has been performed before posting.