On December 28, education technology giant PowerSchool discovered a data breach that exposed sensitive information of millions of students and teachers worldwide. The company, which provides cloud-based software to over 18,000 schools and 60 million students in North America, notified its customers on January 7, but the lack of detailed information sparked a community-led response to fill the information gap.

The breach accessed a cloud system that housed a trove of private information, including Social Security numbers, medical records, grades, and other personal data. Sources at affected school districts told TechCrunch that hackers accessed "all" historical student and teacher data stored in PowerSchool-provided systems. The impact of the breach could be "massive," according to a tech worker at an affected school.

Romy Backus, who manages the PowerSchool SIS system at the American School of Dubai, was one of the first to receive the notification email. However, she was frustrated by the lack of concrete information provided by PowerSchool, prompting her to investigate the breach and create a how-to guide to help other affected schools. The guide, which includes details on the specific IP address used by hackers and steps to investigate the incident, has gone viral within the PowerSchool community, with over 2,500 views as of Friday.

Backus' initiative was not an isolated response. The PowerSchool community, comprising administrators and IT workers from affected schools, rallied together to share information and resources. The community's efforts were fueled by solidarity and necessity, given the slow and incomplete response from PowerSchool. Several school workers supported each other through Reddit threads, with some publishing open-source tools and how-to videos to help others respond to the breach.

Doug Levin, co-founder and national director of the K12 Security Information eXchange (K12 SIX), a nonprofit that helps schools with cybersecurity, noted that open collaboration is common in the education sector, but the PowerSchool incident highlights the need for more formal information sharing infrastructure. Levin emphasized that schools often lack specialist cybersecurity expertise and rely on informal channels to respond to incidents.

PowerSchool's spokesperson, Beth Keebler, acknowledged the community's efforts, stating that the company is "grateful for our customers' patience and sincerely thank those who jumped in to help their peers by sharing information." However, the company's initial response has been criticized for lacking actionable information, leaving schools to scramble and figure out the extent of the breach on their own.

The PowerSchool data breach serves as a stark reminder of the vulnerabilities in the education sector's cybersecurity infrastructure. As the sector continues to grapple with the aftermath of this incident, it is clear that a more comprehensive and collaborative approach is needed to protect sensitive student and teacher information.