Hackers Steal Sensitive Data on Over 500,000 PSEA Members in Ransomware Attack

The breach exposed Social Security numbers, financial details, and medical information, prompting legal investigations and concerns over data misuse.

The Pennsylvania State Education Association (PSEA) confirmed a July 2024 cyberattack affecting over 500,000 individuals, including educators and associated professionals.
Stolen data includes Social Security numbers, passport details, financial information, health insurance, and medical records, though not all data elements were taken for every individual.
PSEA implied the attack involved ransomware or extortion and stated efforts were made to ensure stolen data was deleted, though such guarantees are unreliable.
Lynch Carpenter LLP is investigating potential legal claims against PSEA on behalf of affected individuals, who may be entitled to compensation.
The breach highlights ongoing cybersecurity challenges in protecting sensitive data and raises concerns about the long-term risks of misuse or retention by attackers.