Months after the hacked training software program maker PowerSchool paid a hacker’s ransom to delete the corporate’s banks of stolen scholar knowledge, not less than one faculty district says it’s now being extorted by somebody who mentioned the information was not destroyed.
PowerSchool, which gives its Okay-12 software program to hundreds of colleges to assist 60 million college students throughout North America, was hacked in December 2024 utilizing a single stolen credential, which allowed a hacker broad entry to PowerSchool’s shops of personally identifiable scholar and trainer knowledge, together with Social Safety numbers and well being knowledge.
The corporate mentioned on the time that it had paid the hacker a ransom to allegedly delete the stolen knowledge, however it has repeatedly refused to reveal the sum it paid.
Now, Toronto’s district faculty board, which serves round 240,000 college students every year, mentioned in a press release that earlier this week it had “obtained a communication from a menace actor demanding a ransom utilizing knowledge from the beforehand reported incident.”
A number of different colleges in North America obtained extortion notes, together with throughout North Carolina, per native media.
PowerSchool confirmed that it had paid the ransom on the time, saying the corporate “thought it was the best choice for stopping the information from being made public.”
Some cybersecurity professionals and legislation enforcement have lengthy discouraged victims from paying a ransom, as there aren’t any ensures that the hackers will keep on with their phrase when claiming to delete stolen knowledge. As evidenced by previous ransomware and extortion incidents, some gangs had been later discovered to have retained big quantities of stolen sufferer knowledge, typically to revictimize affected people with further extortion makes an attempt.
In a press release shared with prospects this week, seen by information.killnetswitch, PowerSchool mentioned it “not too long ago grew to become conscious {that a} menace actor has reached out to some PowerSchool SIS prospects in an try and extort them utilizing knowledge” from the December 2024 breach.
Beth Keebler, a spokesperson for PowerSchool, informed information.killnetswitch that the corporate doesn’t suppose it is a new incident as a result of “samples of knowledge match the information beforehand stolen in December.”
PowerSchool has not but mentioned what number of people are affected by its data breach. A number of faculty districts that used PowerSchool on the time of the breach informed information.killnetswitch that “all” of their historic scholar and trainer knowledge was compromised
Within the case of Toronto’s faculty district, the stolen data date again to not less than 2009 and are prone to have an effect on tens of millions of individuals.
