News Summary
Texas Attorney General Ken Paxton has filed a lawsuit against PowerSchool following a significant data breach affecting over 880,000 students and teachers. The breach involved sensitive personal identifying information and occurred due to inadequate security measures. PowerSchool is accused of misleading clients about its data protection practices. While the company claims compliance with security standards, the lawsuit highlights serious concerns regarding its ability to safeguard sensitive information. As investigations continue, the implications for educational data security are being closely examined.
AUSTIN, Texas – Texas Attorney General Ken Paxton has initiated legal action against PowerSchool, a California-based company that provides cloud-based services to K-12 educational institutions, following a substantial data breach that compromised the sensitive personal information of over 880,000 students and teachers in Texas.
The lawsuit comes in the wake of the data breach that exposed sensitive personal identifying information (PII) and protected health information (PHI) of both students and educators. The breach reportedly occurred in December 2024 when a hacker gained administrative access through the account of a subcontractor, subsequently transferring large volumes of unencrypted data to a server located overseas.
According to the lawsuit, PowerSchool’s software is widely used by numerous Independent School Districts in Texas, including large districts such as Dallas, Frisco, Plano, McKinney, Houston, Katy, and Lovejoy. The compromised data included crucial details such as names, addresses, Social Security numbers, medical information, disability records, and special education data. Additionally, information regarding bus stops was accessed, raising concerns about the safety and security of the affected children.
PowerSchool touts its software as a comprehensive platform for managing student information, claiming adherence to the “highest security standards.” However, the lawsuit alleges that the company failed to implement essential security measures, including multi-factor authentication, proper access controls, and adequate data encryption. As a result, PowerSchool is accused of misleading customers about its security practices and failing to adequately protect sensitive information as mandated by the Texas Deceptive Trade Practices Act and the Identity Theft Enforcement and Protection Act.
In light of these allegations, Attorney General Paxton emphasized the vital responsibility that technology companies hold in safeguarding the personal data of children. He has expressed a commitment to holding PowerSchool accountable for its failures, which have put Texas students, teachers, and their families at risk.
The Houston Independent School District (HISD), which is the largest school district in Texas, also utilizes PowerSchool’s HISD Connect for managing student data. Officials from HISD have stated that their data was not compromised as part of the breach. Nonetheless, the potential implications for other districts remain severe.
PowerSchool has issued a response in which the company stated that it is actively working to minimize the impact of the breach. This includes notifying regulators and providing identity protection services to the affected individuals. The company intends to mount a strong defense against the lawsuit.
The lawsuit seeks financial penalties, enhanced data security practices, and potential restitution for those impacted by the breach. A cybersecurity expert has described the breach as an “incredibly big deal,” warning of the long-term damage that could arise from the exposure of children’s Social Security numbers and other sensitive information.
PowerSchool serves over 60 million students across various school districts and markets its platform as a secure method for managing educational data. However, this incident raises serious questions about the effectiveness of their security measures and the prioritization of data protection.
As the legal proceedings unfold, the incident addresses broader concerns regarding data security in education, the responsibilities of tech companies, and how the personal information of students and educators is safeguarded.
Deeper Dive: News & Info About This Topic
HERE Resources
Additional Resources
- Houston Chronicle
- Wikipedia: Data breach
- Click2Houston
- Google Search: Texas PowerSchool data breach
- CBS News
- Google Scholar: PowerSchool data breach
- Dallas Express
- Encyclopedia Britannica: Data security
- The Cyber Express
- Google News: PowerSchool breach
Author: STAFF HERE HOUSTON TX WRITER
HOUSTON STAFF WRITER The HOUSTON STAFF WRITER represents the experienced team at HEREHouston.com, your go-to source for actionable local news and information in Houston, Harris County, and beyond. Specializing in "news you can use," we cover essential topics like product reviews for personal and business needs, local business directories, politics, real estate trends, neighborhood insights, and state news affecting the area—with deep expertise drawn from years of dedicated reporting and strong community input, including local press releases and business updates. We deliver top reporting on high-value events such as Houston Livestock Show and Rodeo, Art Car Parade, and Chevron Houston Marathon. Our coverage extends to key organizations like the Greater Houston Partnership and Houston Area Urban League, plus leading businesses in energy and healthcare that power the local economy such as ExxonMobil, Schlumberger, and Houston Methodist. As part of the broader HERE network, including HEREAustinTX.com, HERECollegeStation.com, HEREDallas.com, and HERESanAntonio.com, we provide comprehensive, credible insights into Texas's dynamic landscape.
