Months after the hacked training software program maker PowerSchool paid a hacker’s ransom to delete the corporate’s banks of stolen pupil knowledge, not less than one college district says it’s now being extorted by somebody who mentioned the info was not destroyed.
PowerSchool, which supplies its Ok-12 software program to 1000’s of colleges to help 60 million college students throughout North America, was hacked in December 2024 utilizing a single stolen credential, which allowed a hacker broad entry to PowerSchool’s shops of personally identifiable pupil and trainer knowledge, together with Social Security numbers and well being knowledge.
The firm mentioned on the time that it had paid the hacker a ransom to allegedly delete the stolen knowledge, however it has repeatedly refused to reveal the sum it paid.
Now, Toronto’s district college board, which serves round 240,000 college students every year, mentioned in an announcement that earlier this week it had “obtained a communication from a risk actor demanding a ransom utilizing knowledge from the beforehand reported incident.”
Several different faculties in North America obtained extortion notes, together with throughout North Carolina, per native media.
PowerSchool confirmed that it had paid the ransom on the time, saying the corporate “thought it was the most suitable choice for stopping the info from being made public.”
Some cybersecurity professionals and regulation enforcement have lengthy discouraged victims from paying a ransom, as there aren’t any ensures that the hackers will keep on with their phrase when claiming to delete stolen knowledge. As evidenced by previous ransomware and extortion incidents, some gangs have been later discovered to have retained enormous quantities of stolen sufferer knowledge, usually to revictimize affected people with extra extortion makes an attempt.
In an announcement shared with clients this week, seen by TechCrunch, PowerSchool mentioned it “lately grew to become conscious {that a} risk actor has reached out to some PowerSchool SIS clients in an try and extort them utilizing knowledge” from the December 2024 breach.
Beth Keebler, a spokesperson for PowerSchool, advised TechCrunch that the corporate doesn’t suppose it is a new incident as a result of “samples of information match the info beforehand stolen in December.”
PowerSchool has not but mentioned what number of people are affected by its knowledge breach. Several college districts that used PowerSchool on the time of the breach advised TechCrunch that “all” of their historic pupil and trainer knowledge was compromised
In the case of Toronto’s college district, the stolen information date again to not less than 2009 and are more likely to have an effect on tens of millions of individuals.
