The Arlington Public Schools School Committee convened on January 9, 2024, to address several key issues impacting the district, including email communication practices and a significant cybersecurity breach involving their student information system, PowerSchool.

The meeting began with discussions on improving email communication within the district. Committee members emphasized the importance of explicit teaching regarding email best practices. Suggestions included avoiding the use of links in communications and discouraging the forwarding of emails. It was noted that regular checks of email practices could enhance communication efficiency. Ms. Morgan highlighted the priority of responding to students and families, reinforcing the need for strong communication expectations.

Following this discussion, the Superintendent provided an update on the recent PowerSchool security breach. The breach, which occurred in late December, affected numerous districts across the country and involved unauthorized access to sensitive data. The Superintendent detailed that demographic information, including names, addresses, and phone numbers of current and former students, families, and staff, was compromised. Additionally, some sensitive information related to staff was also accessed.

The district is currently investigating the extent of the breach and has been in communication with PowerSchool, which has engaged a third-party cybersecurity vendor to monitor their systems. While PowerSchool has assured the district that the compromised data has been deleted, the Superintendent advised caution, as there is no guarantee that the information was not copied or stored elsewhere.

The Superintendent also mentioned that more sensitive data was accessed for a limited number of students who graduated before 2016, and the district plans to reach out to those individuals directly. The nature of the accessed data raises concerns about potential identity theft and phishing scams, prompting the district to reiterate best practices for email safety and data protection.

The meeting concluded with a commitment to provide further updates to the community, including detailed information about the breach and recommended actions for affected individuals. The district aims to enhance its communication strategies and ensure the safety of its data systems moving forward.