The Pennsylvania State Training Affiliation (PSEA), a labor union representing educators throughout the state, says hackers stole the delicate private info of greater than half one million of its members.
PSEA is the most important group for educators in Pennsylvania, representing present and former lecturers, counselors, well being care staff, and college social staff.
In a submitting with Maine’s legal professional basic on Tuesday, PSEA stated it skilled a cyberattack in July 2024 that noticed an unauthorized actor entry its community to steal a trove of knowledge belonging to greater than 517,000 people.
The stolen knowledge consists of extremely delicate private info, comparable to members’ government-issued identification paperwork, Social Safety numbers, passport numbers, medical info, and monetary info containing card numbers, and their related PINs and expiration dates.
PSEA stated member account numbers, PINs, passwords, and security codes had been additionally accessed through the breach, in response to a letter despatched to affected people.
“We need to stress that not all knowledge components had been acquired for each impacted particular person,” PSEA instructed affected members within the letter.
PSEA additionally stated it “took steps, to one of the best of our potential and information, to make sure that the info taken by the unauthorized actor was deleted,” implying that PSEA was the goal of a ransomware or knowledge extortion assault, and subsequently paid a ransom demand to the hackers accountable.
Paying a ransom demand isn’t any assure that the malicious hackers deleted the stolen knowledge. Final 12 months’s takedown of the infamous LockBit ransomware gang unearthed proof that the gang’s hackers nonetheless retained reams knowledge belonging to victims who had paid a ransom demand.
PSEA didn’t reply to information.killnetswitch’s questions.
