PowerSchool has issued a warning that the hacker responsible for its December cyberattack is now extorting schools by threatening to release stolen student and teacher data unless a ransom is paid. The company is working with law enforcement and recommends credit monitoring to affected individuals. (Affected: educational institutions and their data systems)
Keypoints :
- The hacker behind PowerSchoolβs December breach is now extorting schools by threatening data release.
- PowerSchool has reported the extortion attempts to law enforcement in the US and Canada.
- The breach involved stolen data including personal and academic information of students and teachers.
- PowerSchool paid a ransom in hopes of preventing the public leak of stolen data, despite the risks.
- Most of the data stolen was from a breach in August and September 2024, using compromised credentials.
- They advise affected individuals to use free credit monitoring and identity protection services.
- Experts warn against paying ransoms, as threat actors often do not delete stolen data as promised.