Archdiocese of Baltimore Catholic Schools Community,
We are reaching out to inform you about a nationwide data breach affecting the Archdiocese of Baltimore Department of Catholic Schools, which is part of a broader incident involving PowerSchool, a Student Information System (SIS) utilized by school districts throughout the United States. The Archdiocese’s Department of Schools and Archdiocese of Baltimore systems were not breached. Only data related to the Department of Schools that was stored on PowerSchool was affected.
We have learned the breach occurred between December 19 and 28, 2024, when a threat actor gained unauthorized access to data from districts across the country, including the Archdiocese of Baltimore, using stolen credentials.
Data Affected: We are actively working with PowerSchool to determine exactly what data was impacted and will share additional information in a follow-up communication.
Mitigation Steps: PowerSchool has confirmed that the breached data file has been deleted and is no longer accessible. They have also notified the FBI and hired a cybersecurity firm, CrowdStrike, to assist in addressing the breach. CrowdStrike has reported that at this time no data from the breach has been found on the dark web, and they continue to monitor this space.
While PowerSchool is responsible for this incident and its impact, our team acted swiftly once we were notified and is continuing to investigate. The Department of Catholic Schools understands the importance of your trust and is diligently committed to protecting our student and staff data.
PowerSchool has informed us that they will provide additional information, including contact information, that community members can use to dialogue directly with the company. We will share that information with you once it is available.
Thank you for your understanding.
Sincerely,
Department of Catholic Schools
Archdiocese of Baltimore