KANSAS CITY, Mo. — PowerSchool, a company that provides student information systems for school districts across the U.S. and in the Kansas City area, didn't take basic precautions to protect the data of students, according to a report.
NBC reports hackers were able to download student records after logging into the account of a PowerSchool employee who failed to use two-factor authentication.
Once inside the employee's account, hackers were able to access a "maintenance access" function which allowed them to download children's personal information by the millions, NBC said.
Earlier this month, the Liberty Public Schools district informed families it was impacted by the data breach.
At the time, the district told families that the personal information of students and staff members was exposed during the breach.
However, the district was ensured that no data was replicated or shared.
NBC reports PowerSchool paid hackers a ransom after officials with the company were shown a video of the hackers deleting the data.
—
