Skip to main content
PowerSchool Breach Information » Communication Update (1/10/2025): PowerSchool Breach

Communication Update (1/10/2025): PowerSchool Breach

Good afternoon ZCS Faculty, Staff, Parents & Guardians-

This is an important update with new information regarding the wide-spread PowerSchool breach. As mentioned in the communication you received on January 8th regarding this incident, the ZCS Technology Department has been conducting an internal investigation into all the district’s PowerSchool-related products. These steps have included additional conversations with PowerSchool personnel. I regret to inform you that contrary to what was initially communicated to ZCS that we were unaffected, we have since learned that some of our student and staff information included in the ZCS Student Information System (SIS) was impacted in the breach.
 
Below is what has been confirmed as of 1/10/2025:

  • The breach did not cause any ZCS data to change.  
  • PowerSchool has shared that the breach has been contained, and no malware was involved. PowerSchool is working to prevent any of the involved data from their clients from further unauthorized access. PowerSchool believes there has been no misuse of information. 
  • Student data included in the breach spans thousands of student accounts, some as early as 2009. This includes student information system-related data such as name, date of birth, address, and phone number. Additionally, non-directory information such as medical information parents may have included during the 24-25 registration may have been exposed. 
  • Social security numbers* are not currently listed in PowerSchool for ZCS students. 
  • Parent/guardian names, emails, addresses and phone numbers have been included in the breach. Emergency contact names and phone numbers have also been included.
  • Teacher and staff member data required by the Indiana Department of Education (IDOE) for access to the state’s DOE LINK system includes the last four digits of individual social security numbers. Those have been included in the PowerSchool breach. This impacts certified staff and those employees who need access to the IDOE’s LINK system.
  • Some parents may have received an email in late December with the subject line: “Your PowerSchool Parent account information has changed.”  This email was not related to the breach but was the result of our internal updating process by ZCS staff as we have been working to consolidate parent and emergency contacts.  For example, if a parent set up a parent portal account using a first name James, but during student registration entered Jim, we have worked to merge these accounts.  In this case, the team updated the parent portal account to be Jim so that the information from the registration system (phone, address, etc.) could be consolidated onto the parent portal account. Families receiving this communication likely saw it in their email inbox beginning in mid-November.
  • Some families received a recent communication from Meal-Magic which includes details on account balances for Food Service. This communication is not connected to the breach and is a communication from our Food Services team.

 
*For a limited number of students who graduated in 2019 and 2020, social security numbers for the 21st century scholarship program and other scholarship opportunities such as the Frank O’Bannon Grant program have been exposed. Those individuals impacted will be individually contacted as they are identified.
 
We are working with PowerSchool to secure credit monitoring and identity protection services for all affected individuals. We will share that information as PowerSchool makes it available.
 
It is important to note that at no time were the Zionsville Community Schools’ computer network or other systems breached.
 
We will continue to provide updates as any new information becomes available. Thank you for your continued support of Zionsville Community Schools.
 
Sincerely,
Dr. Rebecca Coffman
ZCS SuperintendentGood afternoon ZCS Faculty, Staff, Parents & Guardians-

This is an important update with new information regarding the wide-spread PowerSchool breach. As mentioned in the communication you received on January 8th regarding this incident, the ZCS Technology Department has been conducting an internal investigation into all the district’s PowerSchool-related products. These steps have included additional conversations with PowerSchool personnel. I regret to inform you that contrary to what was initially communicated to ZCS that we were unaffected, we have since learned that some of our student and staff information included in the ZCS Student Information System (SIS) was impacted in the breach.
 
Below is what has been confirmed as of 1/10/2025:
 

  • The breach did not cause any ZCS data to change.  
  • PowerSchool has shared that the breach has been contained, and no malware was involved. PowerSchool is working to prevent any of the involved data from their clients from further unauthorized access. PowerSchool believes there has been no misuse of information. 
  • Student data included in the breach spans thousands of student accounts, some as early as 2009. This includes student information system-related data such as name, date of birth, address, and phone number. Additionally, non-directory information such as medical information parents may have included during the 24-25 registration may have been exposed. 
  • Social security numbers* are not currently listed in PowerSchool for ZCS students. 
  • Parent/guardian names, emails, addresses and phone numbers have been included in the breach. Emergency contact names and phone numbers have also been included.
  • Teacher and staff member data required by the Indiana Department of Education (IDOE) for access to the state’s DOE LINK system includes the last four digits of individual social security numbers. Those have been included in the PowerSchool breach. This impacts certified staff and those employees who need access to the IDOE’s LINK system.
  • Some parents may have received an email in late December with the subject line: “Your PowerSchool Parent account information has changed.”  This email was not related to the breach but was the result of our internal updating process by ZCS staff as we have been working to consolidate parent and emergency contacts.  For example, if a parent set up a parent portal account using a first name James, but during student registration entered Jim, we have worked to merge these accounts.  In this case, the team updated the parent portal account to be Jim so that the information from the registration system (phone, address, etc.) could be consolidated onto the parent portal account. Families receiving this communication likely saw it in their email inbox beginning in mid-November.
  • Some families received a recent communication from Meal-Magic which includes details on account balances for Food Service. This communication is not connected to the breach and is a communication from our Food Services team.

 
*For a limited number of students who graduated in 2019 and 2020, social security numbers for the 21st century scholarship program and other scholarship opportunities such as the Frank O’Bannon Grant program have been exposed. Those individuals impacted will be individually contacted as they are identified.
 
We are working with PowerSchool to secure credit monitoring and identity protection services for all affected individuals. We will share that information as PowerSchool makes it available.
 
It is important to note that at no time were the Zionsville Community Schools’ computer network or other systems breached.
 
We will continue to provide updates as any new information becomes available. Thank you for your continued support of Zionsville Community Schools.
 
Sincerely,
Dr. Rebecca Coffman
ZCS Superintendent