A threat actor has contacted multiple school districts demanding payments related to student and staff data stolen in a December breach.
Dive Brief:
- Threat actors are trying to extort some public schools by threatening them with teacher and student information stolen in a December 2024 data breach of PowerSchool’s Student Information System, according to recent statements from the ed tech software provider and the North Carolina Department of Public Instruction.
- PowerSchool confirmed on Wednesday that it paid a ransom to threat actors shortly after the Dec. 28, 2024, data breach. The company added that it believes the threat actors seeking ransoms from schools are using the same compromised data set from the December incident, which included student and staff names, contact information, some Social Security numbers, medical notes and a limited number of passwords.
- While PowerSchool’s December data breach appeared to impact a wide range of school districts across North America, a spokesperson on Friday told K-12 Dive that the threat actors have only contacted four school districts. Schools in locations ranging from North Carolina to Toronto began to report receiving such ransom threats this week.
