PowerSchool cybersecurity incident update

APS families:

I am writing to provide an update on the cybersecurity incident that recently affected PowerSchool, the student information system that is used by our district and many others.

Our internal investigation has revealed that the following student information—dating as far back as 2009—was compromised on December 21, 2024 and December 22, 2024. This data includes:

Although PowerSchool has taken full responsibility for this incident and has informed us that it believes the compromised data has been deleted and will not be made public, we feel it is necessary to keep families informed as we continue to learn more about this data breach.

PowerSchool has informed us that it will coordinate with Experian, a credit reporting agency, to notify impacted students, parents/guardians, and educators. PowerSchool will also provide details about the complimentary identity protection and credit monitoring services it will offer, as well as launch a web page (https://www.powerschool.com/security/sis-incident/notice-of-united-states-data-breach) and distribute a media release to ensure it reaches as many involved individuals as possible to provide them with resources to protect their information.

In compliance with Allegan Public Schools Board of Education policy 3110 regarding “Data Breach Response,” APS will use the last known address on file to contact families in writing of students with compromised social security numbers. Families are also welcome to call Allegan Public Schools at (269) 673-5431 if they are interested in knowing the specific data that was compromised in regard to their student and/or family.

The privacy of our students, staff, and families is a top priority at Allegan Public Schools. We hope this incident encourages all educational vendors to reassess their data privacy and security protocols.

Thank you for your patience and understanding as we navigate this matter together.