PowerSchool Data Breach: Lessons for GRC Leaders about the Newest Third-Party Risks
The PowerSchool data breach has become a defining example of third-party risk failure in education and EdTech. It's a harsh wake-up call for ethics, Governance, Risk, and Compliance (GRC) teams. What Caused This Data Breach? On December 28, 2024, PowerSchool confirmed a compromised credential had been used to access its PowerSource customer portal—a system that supports school staff across 17,000 districts and serves over 55 ...