The Pennsylvania State Education Association (PSEA), the largest public-sector union in Pennsylvania, is notifying over half a million people that attackers stole their personal information in a July 2024 security breach.
The union represents over 178,000 education professionals, including teachers, support staff, higher education staff, nurses, retired educators, and future teachers.
“PSEA experienced a security incident on or about July 6, 2024 that impacted our network environment,” the organization said in breach notification letters sent to 517,487 individuals.
“Through a thorough investigation and extensive review of impacted data which was completed on February 18, 2025, we determined that the data acquired by the unauthorized actor contained some personal information belonging to individuals whose information was contained within certain files within our network.”
PSEA says the stolen information varies by individual and includes personal, financial, and health data, including driver’s license or state IDs, Social Security numbers, account PINs, security codes, payment card information, passport information, taxpayer ID numbers, credentials, health insurance and medical information.
The union offers free IDX credit monitoring and identity restoration services to individuals whose Social Security numbers were affected if they enroll by June 17, 2025. It also advised those affected to monitor their financial account statements and credit reports for suspicious activity, obtain a free credit report, and place a fraud alert and/or a security freeze on their credit files.
Breach claimed by Rhysida ransomware
While PSEA did not attribute the attack to a specific threat actor, the Rhysida ransomware gang claimed the breach on September 9, 2024.
The cybercrime group demanded a 20 BTC ransom, threatening to leak the stolen data if the ransom demand was not paid. While PSEA did not share if it paid to prevent the data leak, the ransomware gang has removed the entry from their dark web leak site.
The Rhysida ransomware-as-a-service (RaaS) operation surfaced almost two years ago, in May 2023, and gained notoriety after breaching the British Library and the Chilean Army (Ejército de Chile).
The gang hacked Sony subsidiary Insomniac Games in November 2023 and leaked 1,67 TB of documents after the game studio refused to pay a $2 million ransom.
Rhysida ransomware affiliates also claimed a cyberattack on Lurie Children’s Hospital in Chicago in February 2024, a leading U.S. pediatric acute care institution that provides care to over 200,000 children annually, offering to sell the stolen data for 60 BTC (roughly $3,700,000 at the time).
More recently, the Singing River Health System warned that almost 900,000 people’s data was stolen in an August 2023 ransomware attack, and the City of Columbus, Ohio, notified 500,000 individuals of a data breach after a July 2024 Rhysida breach.
CISA and the FBI warned that Rhysida affiliates are behind many opportunistic attacks targeting organizations across a wide range of industry sectors, while the U.S. Department of Health and Human Services (HHS) has linked Rhysida to attacks targeting healthcare organizations.