Westbrook Public Schools

On or about April 23, 2025, LEARN experienced a ransomware incident that impacted its environment and may have affected the information of Connecticut students(the “Incident”). Upon discovery of the Incident, LEARN engaged cybersecurity counsel and forensic experts to investigate how the Incident occurred and what information may have been impacted.

While LEARN’s investigation remains ongoing, this preliminary notice is being provided to your office out of an abundance of caution and in anticipation that the Incident potentially impacted Connecticut students. While these types of situations have become all-too-common worldwide, LEARN recognizes the significance of this event and has quickly taken the appropriate steps to address it.

LEARN’s assessment of the Incident may span several weeks. Upon the completion of the investigation, should it be determined that any personal information may have been impacted, we will notify individuals accordingly.

We appreciate your patience as we conduct this investigation. If you have any questions or need additional information, please do not hesitate to contact me at kericson@learn.k12.ct.us or (860)434-4800, extension 1163.

Update 5/12/2025:  Notification from PowerSchool:

Dear Valued Customers:

We are writing to inform you of a recent development related to the cybersecurity incident PowerSchool experienced in December 2024.

PowerSchool recently became aware that a threat actor has reached out to some PowerSchool SIS customers in an attempt to extort them using data from the previously reported December 2024 incident. We do not believe this is a new incident, but we wanted our customers to be informed, nonetheless.

As you all are likely aware, in the days following our discovery of the December 2024 incident, we made the decision to pay a ransom because we believed it to be in the best interest of our customers and the students and communities we serve. It was a difficult decision, which our leadership team did not make lightly. As is always the case with these situations, there was a risk that the bad actors would not delete the data they stole, despite assurances and evidence that were provided to us.

In light of this, I want to take a moment to remind you all that following the December 2024 incident, PowerSchool also offered and made widely available credit monitoring and identity protection services for a period of two years to students and faculty of our PowerSchool SIS customers, regardless of whether they were individually involved. We encourage you all to take this opportunity to remind your communities that these services are still available. If you choose to send an update to your families and educators, we have included a suggested message for you to send below.

As a reminder, information about credit monitoring and identity protection services and enrollment can be found on our website:

For customers in the U.S.: https://www.powerschool.com/security/sis-incident/notice-of-united-states-data-breach/

For customers in Canada: https://www.powerschool.com/security/sis-incident/notice-of-canada-data-breach/
We sincerely regret the occurrence of the 2024 incident. We will continue supporting our valued customers and law enforcement as we work through this together. If you have any questions or concerns, please don’t hesitate to reach out to your CSM.

Sincerely,
Hardeep Gulati
Chief Executive Officer, PowerSchool

Update 2/25/2025:  We have received word that PowerSchool and Experian have begun the process of reaching out to affected users.  Please be aware that you may receive a notification from them with information related to the breach and further instructions about signing up for identity protection services.

Update 2/5/2025:  PowerSchool is offering two years of complimentary identity protection services to students and educators whose information was involved. For adult students and educators, this offer will also include two years of complimentary credit monitoring services.  More information related to this will be relayed directly from PowerSchool and Experian in the coming weeks.  For more information, please visit https://www.powerschool.com/security/sis-incident/notice-of-united-states-data-breach/?mkt_tok=ODYxLVJNSS04NDYAAAGYUw2MUO7s22bXSJItiAlgmEBFVNWalGDtiyq1KO0p-XU50B8eEFDAuCSBFd7LEhIGkHpRwdIMs1g_cSp1oOM2Wnl6DJrVlt3qieCqYOlpB_z_tIk

Update 1/17/2025:  PowerSchool will contact parents and guardians of current students, former students, current employees, and former employees to offer various forms of credit monitoring and identity theft protection.  We will update this page as information is provided to us by PowerSchool.  Should you have any specific questions regarding the data breach, please email the Director of Technology, Benjamin Russell, by emailing brussell@westbrookctschools.org.

Initial Notification 1/9/2025:  On January 7th, Westbrook Public Schools was notified that PowerSchool had been the victim of a data breach.  PowerSchool is used by the school district to manage student, staff, and parent information to provide students with schedules, contact maintenance, and grade information. 

We have confirmed that a breach occurred on December 22, 2024, involving demographic information related to students and staff. Working with PowerSchool, we have been assured that the original cause of the breach has been resolved, and no copies of the data exist outside of our systems. PowerSchool also assures us that they will continue to monitor sources for copies of this information.

You may have heard in the media that social security numbers were included in this breach.  This is not the case for Westbrook Public Schools.  We do not store social security numbers or financial information in PowerSchool. 

We will continue to monitor access to data and work with PowerSchool to further protect our students and staff. We will also continue to provide updated information as it becomes available.

PowerSchool has created an information page available at https://www.powerschool.com/security/sis-incident/ for families, staff, and customers.

On 5/11/2017, sources including EdSurge, EdWeek, and Motherboard reported that Edmodo accounts had been compromised.  While it is not clear how many accounts were discovered, sources have reported that it could be as high as 77 million.  The account information found was encrypted, meaning those in possession of it will still need to break the encryption keys to make it useful.  At this time, we are recommending anyone using Edmodo reset their passwords.  

Edmodo is not something we widely use in our district, but it is important to understand the security and data privacy risks involved in this situation.  Should there be any questions, please contact Information Technology Coordinator Benjamin Russell at brussell@westbrookctschools.org or by phone at 860-399-6432.

On the 11th of January 2020, Canva became aware of a list of approximately 4 million Canva accounts containing user passwords stolen as part of the May 24 breach. The passwords had been decrypted and recently shared online.

As unchanged passwords might be used to access Canva accounts , we responded immediately to restrict access to Canva logins, and commenced work to both invalidate unchanged passwords, and notify users with unencrypted passwords in the list.

For more information, please visit https://support.canva.com/contact/customer-support/may-24-security-incident-faqs/.

Canva is not required software in our district, but it is important to understand the security and data privacy risks involved in this situation.  Should there be any questions, please contact Information Technology Coordinator Benjamin Russell at brussell@westbrookctschools.org or by phone at 860-399-6432.