Particle.news

Download on the App Store

PowerSchool Data Breach Fuels New Wave of School District Extortion

Hackers are using data stolen in a December 2024 breach to target individual districts, despite PowerSchool's earlier ransom payment.

A man uses a computer keyboard in Toronto in this Sunday, Oct. 9 photo illustration. THE CANADIAN PRESS/Graeme Roy
A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. Capitalizing on spying tools believed to have been developed by the U.S. National Security Agency, hackers staged a cyber assault with a self-spreading malware that has infected tens of thousands of computers in nearly 100 countries. REUTERS/Kacper Pempel/Illustration
Time-tracking software can monitor the websites workers visit and the programs they use and log keystrokes and take screenshots.
The PowerSchool breach stole data from school boards across North America last December. Now, some boards are being targeted with ransom demands linked to that stolen information.

Overview

  • Hackers are now extorting individual school districts using data stolen in the December 2024 PowerSchool breach.
  • PowerSchool previously paid an undisclosed ransom to prevent the release of stolen data, but the hackers appear to have retained it.
  • The stolen data includes sensitive information such as Social Security numbers, medical records, and contact details for students and teachers.
  • PowerSchool has reported these extortion attempts to law enforcement in the U.S. and Canada and is offering two years of credit monitoring to affected individuals.
  • Security experts caution against paying ransoms, as there are no guarantees that stolen data will be deleted, a risk highlighted by this incident.