EL PASO, Texas (KTSM) — A cybersecurity incident impacted Tornillo Independent School District’s student information system last month along with other systems worldwide, according to the school district.
Tornillo ISD says it became aware of a cybersecurity incident involving unauthorized access to certain information through one of its community-focused customer support portals, PowerSource on Saturday, Dec. 28.
The district says an investigation determined that an unauthorized party outside of the U.S. gained access to PowerSchool student information system data using a compromised credential.
“The compromised account, which has since been deactivated by PowerSchool, was used to access all production and non-production servers via the PowerSchool API,” the district said.
The district says that PowerSchool has received assurance and video confirmation from the perpetrator that the data has been deleted and that no additional copies exist.
“As soon as we learned of the potential incident, we immediately engaged our cybersecurity response protocols and mobilized a cross-functional response team, including senior leadership and third-party cybersecurity experts. We have also informed law enforcement,” the district said.
The compromised credential has also been deactivated and has been restricted access to the affected portal, the district said.
The incident compromised PowerSchool servers across Texas, the U.S. and Canada.
No further information was released.
Read: Read More