Months after the hacked education software maker PowerSchool paid a hacker’s ransom to delete the company’s banks of stolen student data, at least one school district says it is now being extorted by someone who said the data was not destroyed.
PowerSchool, which provides its K-12 software to hundreds of schools to support 60 million students across North America, was hacked in December 2024 using a single stolen credential, which gave a hacker broad access to PowerSchool’s stores of personally identifiable student and teacher data, including Social Security numbers and health data.
The company said at the time that it had paid the hacker a ransom to allegedly delete the stolen data, but it has repeatedly refused to disclose the sum it paid.
Now, Toronto’s district school board, which serves around 240,000 students each year, said in a statement that earlier this week it had “acquired a communication from a threat actor demanding a ransom utilizing information from the beforehand reported incident.”
A number of other schools in North America received extortion notes, including across North Carolina, per local media.
PowerSchool confirmed that it had paid the ransom at the time, saying the company “thought it was the most suitable choice for stopping the information from being made public.”
Some cybersecurity professionals and law enforcement have long discouraged victims from paying a ransom, as there are no guarantees that the hackers will keep their word when claiming to delete stolen data. As evidenced by previous ransomware and extortion incidents, some gangs were later found to have retained large amounts of stolen victim data, often to revictimize affected individuals with further extortion attempts.
In a press release shared with customers this week, seen by TechCrunch, PowerSchool said it “lately grew to become conscious that a threat actor has reached out to some PowerSchool SIS prospects in an attempt to extort them utilizing information” from the December 2024 breach.
Beth Keebler, a spokesperson for PowerSchool, told TechCrunch that the company does not think this is a new incident because “samples of knowledge match the information beforehand stolen in December.”
PowerSchool has not yet said how many individuals are affected by its data breach. A number of school districts that used PowerSchool at the time of the breach told TechCrunch that “all” of their historical student and teacher data was compromised.
In the case of Toronto’s school district, the stolen data dates back to at least 2009 and is likely to affect thousands and thousands of people.