St. Johns County parents learned Tuesday that their kids’ sensitive data was stolen as part of an education software company hack.
The district sent out an unsettling email revealing the theft — which scraped names, contact information and dates of birth.
The message did not rule out the possibility that Social Security numbers were also taken, only stating officials did “not have evidence” to confirm it.
The district uses software from the targeted firm, PowerSchool, to store student information on their cloud servers.
Globally, more than 50 million minors were impacted by the hack.
Parents were urged to now be on the lookout for signs of identity theft , where their kids’ information could be misused for illicit purposes.
Children with social media accounts should be especially vigilant, as bad actors can leverage the stolen information to compromise them.
PowerSchool learned of the breach on Dec. 28 and gave the district a list of affected users on January 13.
Administrators waited until the company activated credit monitoring resources on Jan. 29 before letting moms and dads know that their kids information had been pilfered.
“We also encourage you to enroll your child in the complimentary identity monitoring services offered by PowerSchool,” the email read.
The district created a brand new website dedicated to hack updates.
The district said it was “reassessing” its relationship with PowerSchool.
If the contracts continue, St. Johns County officials told parents that it would “seek reassurances” that a similar hack won’t happen again.
