The Alabama Institute for the Deaf and Blind (AIDB) suffered a data breach affecting personal information of K-12 students and staff, according to an announcement by the institution. The AIDB Office of Information disclosed in a Facebook statement that on January 7, 2025, they discovered a cybersecurity incident involving their PowerSchool student information system, which resulted in unauthorized access to staff and student data.
“This was an international incident where PowerSchool was hit off-site, and so there’s nothing that our districts or the State Department could have done differently,” stated Alabama State Superintendent, Eric Mackey
According to officials, the compromised information was classified as “directory data,” which primarily contains less sensitive details such as names, addresses, and phone numbers of students and educators.
While it does not appear that any sensitive data was compromised, Mackey acknowledged that any breach is concerning: “Obviously, we’re very concerned about this – concerned about it every day – because there’s just no way to ever completely say all of this data is 100% secure.”
PowerSchool, a provider of K-12 information management systems, revealed in a letter that was subsequently reported by news media that the breach was first detected on December 28. The unauthorized access occurred through the company’s PowerSource portal, which maintains student and teacher information, though other PowerSchool products remained unaffected.
While the FBI is conducting an investigation, neither the bureau nor PowerSchool has made any public announcements regarding the breach.
This breach follows another cybersecurity incident that affected the Alabama Department of Education earlier in 2024. That previous attack compromised sensitive data, including bank account details and student ID numbers of employees and students. According to Mackey, that case has been concluded, with no evidence of the stolen information appearing on the dark web.