The DeKalb County School District posted a statement on its website this week that says some parents are being notified by a school nutrition technology services company that their child’s personal information could have been exposed in a 2019 security breach.

PCS Revenue Control Systems, Inc. this month sent letters to parents stating that the company in December 2019 detected an unauthorized access to files and records of school meal programs it manages, the district’s statement said.

PCS said in a statement that the breach potentially exposed students’ names, identification numbers, dates of birth and Social Security numbers. While PCS said it found no evidence that the information was misused, credit monitoring services were provided for affected families. The company also said it conducted a review of its system to identify areas where security could be tightened.

A PCS customer relations representative said its investigation is active, but declined to how many students may have been affected. The school district didn’t immediately respond Monday to a request for that data.

PCS’ letter to parents this month states the breach obtained access to a server that belonged to Advanced Business Technology, a company it acquired in 2016, according a copy of the document obtained by The Atlanta Journal-Constitution.

PCS provides services such as web-based meal prepayment methods, free and reduced-priced meal application processing and claims reporting to K-12 public school systems, according to its website. The DeKalb district said it used Advanced Business Technology for several years until the 2016-2017 school year.

DeKalb County schools said in its statement that it was informed of breach last week and that it has not experienced a security breach of its systems. It also said it’s asking PCS for more information surrounding the December 2019 incident.