Skip To Main Content
person with a laptop and a security lock in the background

ATTN: CVSU Families, Alumni, and Employees (current and past)


Central Vermont Supervisory Union was notified on January 7, 2025 by our district's Student Information System (SIS) provider PowerSchool that on December 28, 2024 they became aware of a potential cybersecurity incident. PowerSchool's incident involved unauthorized access to certain information through one of their community-focused customer support portals. Through this incident the unauthorized party gained access to certain PowerSchool SIS customer data using a compromised credential. PowerSchool is a global provider and manager of data for school districts and systems throughout the United States and globally.

 

CVSU was informed by PowerSchool that the district data stored in their system may have been compromised. After verifying system logs, it was determined that basic Personally Identifiable Information (PII) for CVSU staff and students (including graduates and employees as far back as 2022) WAS compromised and downloaded by the threat actors. This information included names, addresses, DOB, Gender, email addresses, and phone numbers for all staff and students. Because we do not make a practice of storing social security numbers in the PowerSchool database, there was only 1 social security number of a staff member stolen[*]. However, we will be sharing more information with staff and families on the anticipated free credit monitoring service that PowerSchool will be making available as a result of this breach.

If you would like to know exactly what information was stolen you may submit a request to helpdesk@cvsu.org and a printed copy will be made available to you. Please include your/your student’s full name in the request.

Sincerely,

Trey Cates

Director of Technology

*There was one SSN number for a staff member in the system. That staff member was alerted immediately and the number purged from our PowerSchool Database.

  • CVSU