Threat actors are attempting to extort public schools by threatening to release stolen student and staff data from a December 2024 PowerSchool breach. PowerSchool paid a ransom to prevent the data from becoming public, highlighting the ongoing risks of data breaches in educational systems.
Affected: North American school districts, PowerSchool, North Carolina Department of Public Instruction.
Affected: North American school districts, PowerSchool, North Carolina Department of Public Instruction.
Keypoints
- Cybercriminals are using stolen data to threaten extortion of public schools.
- PowerSchool paid a ransom after a significant data breach in December 2024.
- The breach involved sensitive information like Social Security numbers, contact details, and medical notes.
- Many schools are vulnerable due to lack of multifactor authentication on support portals.
- Law enforcement and the affected schools are working with PowerSchool to address the incident.
Read More: https://www.k12dive.com/news/powerschool-data-breach-school-extortion-attempts/747690/