PowerSchool disclosed a data breach affecting some clients of its PowerSchool Student Information System (SIS), used by school districts to manage student records. The breach involved unauthorized access to data through a compromised credential, with PowerSchool paying the threat actors to delete the stolen information. While PowerSchool claims the data was deleted, sysadmins have found suspicious activity in their logs, including unusual exports and an IP address in Ukraine, raising questions about the extent of the breach and the effectiveness of the data deletion.