New threats emerge from PowerSchool data breach; Burke schools urge caution

Officials with Burke County Public Schools reached out to staff members and students’ families on Wednesday, May 7, regarding the latest threat posed by a recent data breach affecting the systems’ student information system.

PowerSchool, the information program used by the North Carolina Department of Public Instruction (DPI) since 2013, announced in December 2024 that “threat actors” had infiltrated the system and demanded a ransom payment, which PowerSchool delivered, according to the company’s May 7 update. The cyberthieves said that in exchange for payment, they would destroy the data they had stolen.

Recently, threat actors again reached out to public school employees, threatening to expose private data unless additional payments were made.

DPI Chief Information Officer Vanessa Wrenn spoke at a virtual press conference Wednesday evening.

“In our conversations with PowerSchool, they have indications it is the same threat actor, but they cannot verify that,” she said. “What we do know is that data is not destroyed, and it is out there.”

According to Burke County Public Schools Public Relations Officer Cheryl Shuffler, the local district was notified in December/January that “some of our employees’ and students’ data was compromised.” Shuffler added, “the latest ‘targeting’ has not impacted us in that we have not received specific threats.”

Even though BCPS was apparently not a victim of this breach, the district’s Digital Teaching and Learning Director Dr. Kristin Edwards took a proactive approach by sending the following letter to all members of the district team on Wednesday evening:

Dear Burke County Public School Families,

We want to make you aware of a recent update related to the PowerSchool data breach that was originally reported in January of this year. This morning, several school and North Carolina Department of Public Instruction (NCDPI) employees across the state received messages from threat actors claiming to have access to student and teacher data from that breach. We have been informed that several Canadian school districts have received similar messages as well.

Based on the current status of our investigation, we believe that the threat actors have access to the same data tables that were originally compromised. These data tables include student and staff names, contact information, social security numbers (limited student social security numbers), birthdays, medical notes, passwords (limited) and parent/guardian information.

NCDPI has already notified appropriate law enforcement agencies, who are actively investigating this incident.

We want to assure you that Burke County Public Schools and NCDPI have done everything possible to protect this information. PowerSchool, the vendor responsible for the incident, has taken full responsibility for the breach and is providing support services for those impacted.

What You Need to Know:

• Please do not open any suspicious links or emails related to this incident.
• Do not engage with anyone claiming to have this data.
• PowerSchool is offering two years of free identity protection and credit monitoring to all affected students and educators through July 1, 2025. NCDPI is advocating for this window to be extended further to ensure everyone has time to enroll. Affected individuals can enroll in identity protection and credit monitoring at no cost to themselves here.

Services include:

• Two years of complimentary identity protection for all students and educators affected
• Two years of complimentary credit monitoring for all adult students and educators affected
• These services are available regardless of whether an individual's Social Security number was compromised.
• Additional protection: Impacted users can freeze their identity for free through the North Carolina Department of Justice.
• As we continue to work through this incident, we are committed to supporting students, families and staff with transparency and care.