PowerSchool Ransom Fails to Protect Student Data; Schools Extorted
PowerSchool, a K-12 software provider serving 60 million students, paid a ransom after a December 2024 data breach. The company believed this would prevent the release of stolen student and teacher data, including Social Security numbers and health information. The breach originated from a single stolen credential, granting hackers broad access to sensitive data.
Despite the ransom payment, schools are now being extorted. The Toronto District School Board, serving 240,000 students, confirmed receiving an extortion demand. Other North American schools, including some in North Carolina, have reported similar incidents.
Extortion Attempts Follow Unsuccessful Ransom Payment
PowerSchool admitted to paying the ransom, believing it was the best way to protect the data. However, this decision backfired. Cybersecurity experts often advise against paying ransoms, as there's no guarantee hackers will delete the data. This incident reinforces the risk of re-victimization through further extortion attempts.
PowerSchool confirmed the extortion attempts relate to the December 2024 breach. The company stated the data samples match the previously stolen information. The full extent of the breach remains unclear, but several affected school districts report that all their historical student and teacher data was compromised.
In Toronto, the compromised records date back to at least 2009, potentially affecting millions. This incident highlights the ongoing challenges schools and education technology providers face in protecting sensitive student data.
For more information on the initial breach, see previous coverage: PowerSchool Data Breach Report. Learn more about ransomware and extortion: Ransomware and Extortion.
