Regional School Unit No. 56
147 Weld Street, Dixfield, Maine 04224
Phone: (207)562-4300 - Fax: (207)562-6075
Pam Doyen, Superintendent of Schools
____________________________________________________________________________
January 8, 2025
Dear RSU 56 Staff, Parents/Guardians & Students,
I am writing to inform you of a recent data breach involving PowerSchool, the vendor for our Student Information System (SIS). This incident has raised concerns about the security of sensitive information within our district and requires our immediate attention.
Please note: This is a Statewide breach with PowerSchool servers, not just RSU56.
Overview of the Breach
PowerSchool has reported that on December 28, 2024, they discovered unauthorized access to customer data through compromised credentials on their PowerSource customer support portal. The breach involved the export of student and educator data from specific database tables. Notifications were sent to affected districts on January 7, 2025, confirming that an unauthorized party had accessed data. The server and the information that was compromised was hosted by PowerSchool in their data centers, not in our district server rooms.
Impact on Our District
The breach may have included the following types of data:
Contact information (names, addresses, etc.)
Sensitive data such as date of birth, medical information, and grades
Please note: We do not collect or store SSNs of any currently enrolled student or employed staff in PowerSchool.
At this stage, we are working closely with PowerSchool to determine the specific impact on our district. PowerSchool has engaged third-party cybersecurity experts to investigate and mitigate this incident.
Actions We Are Taking
Investigation: We are reviewing server logs and collaborating with PowerSchool to verify whether our district’s data was compromised, and to what extent
Communication: We will keep you informed of updates and provide guidance as we receive additional information from PowerSchool.
Data Security Measures: We are assessing our current security protocols to ensure robust safeguards are in place to protect district data.
Next Steps
Vendor Support: PowerSchool has promised to provide communication packages to assist districts in a meeting with them this afternoon addressing concerns from families and other stakeholders. We will utilize these resources to inform and support our community.
Vigilance: We ask all staff members (and students) to remain vigilant regarding potential phishing emails or suspicious activity and report any concerns to me as soon as possible.
What You Can Do
In the meantime, please take the following precautions:
Avoid sharing passwords and always use strong, unique credentials for accessing district systems.
Be alert for phishing attempts and report any suspicious emails.
Notify the IT department of any irregularities in PowerSchool access or functionality.
We understand that this news may cause concern, and we are committed to addressing this situation transparently and effectively. If you have any questions or require further information, please do not hesitate to reach out.
Thank you for your cooperation and understanding as we work through this challenge together.
Sincerely,
Brian Keene, Director of Technology
Regional School Unit No. 56
207-562-4300 x4103