Major Breaches Impact Millions: Unacast and PowerSchool Compromised

On January 4, 2025, two major data breaches have come to light, affecting millions and raising serious concerns about data security. Unacast, a location tracking company, disclosed a breach involving its subsidiary Gravy Analytics, which resulted from unauthorized access via a misappropriated key. While the extent of the data exposure is still under investigation, the incident highlights risks associated with third-party access and API security.

In a separate incident, PowerSchool, a leading educational technology provider, revealed that over 60 million students in the U.S. and Canada were affected due to compromised credentials. The exposed data included sensitive personal information such as Social Security numbers and medical records, further emphasizing the need for robust identity and access management practices across educational institutions. Both breaches underscore the critical state of cybersecurity as organizations navigate increasingly sophisticated threats.