Dear WPS Parents, Caregivers, Students, and Staff:
We are writing to you with an update about the recent cybersecurity incident experienced by PowerSchool, the software vendor that provides our Student Information System (SIS). As you are aware, Wellesley Public Schools was notified by PowerSchool of the unauthorized acquisition of data stored within our PowerSchool SIS as a result of unauthorized access to PowerSchool’s customer support platform. This incident involved data Wellesley Public Schools stored within our PowerSchool platform, along with thousands of other schools that were also impacted by the incident.
PowerSchool recently engaged Experian to provide notification assistance and access to identity protection services. Over the next few weeks, PowerSchool will coordinate with Experian to provide notice via email to students (or their parents/guardians if the student is under 18) and staff whose information was impacted. Through Experian, PowerSchool is offering two years of identity protection services for all current and former students and current and former staff whose information was involved and is also offering two years of credit monitoring services for all adult students and staff whose information was involved, regardless of whether an individual’s Social Security Number was impacted. Additional details about the monitoring services being offered are already available at http://www.powerschool.com/security/sis-incident/notice-of-united-states-data-breach/. Additionally, PowerSchool will provide a phone number to answer any questions you may have about the incident. The notice will include the identity protection and credit monitoring services offer (as applicable). We will let you know if we receive more information about the timing of notification.
This cybersecurity incident was outside the control of the district or any individual school, but we are taking appropriate steps to safeguard student and faculty information. We are reviewing our policies and procedures to limit sensitive data contained within PowerSchool to minimize the risk of a similar incident occurring in the future. We are also reviewing our vendor engagements to further this effort.
If you have additional questions, we encourage you to visit PowerSchool’s website, http://www.powerschool.com/security/sis-incident/ for the latest information on the incident. We will continue to monitor PowerSchool’s response to this situation to ensure they are meeting the needs of the Wellesley Public Schools community.
Thank you for your understanding and patience as we navigate this challenging situation. Once again, please know that we regret any worry or inconvenience that this may cause.
Sincerely,
Dr. David Lussier
Superintendent of Schools