Topics

Latest

AI

Amazon

Article image

Image Credits:Zf L / Getty Images

Apps

Biotech & Health

clime

an illustration of patterned 100 dollar bills on a green background

Image Credits:Zf L / Getty Images

Cloud Computing

mercantilism

Crypto

Enterprise

EVs

Fintech

fund-raise

gadget

Gaming

Google

Government & Policy

ironware

Instagram

Layoffs

Media & Entertainment

Meta

Microsoft

Privacy

Robotics

Security

Social

Space

startup

TikTok

Transportation

speculation

More from TechCrunch

event

Startup Battlefield

StrictlyVC

Podcasts

video

Partner Content

TechCrunch Brand Studio

Crunchboard

Contact Us

month after the hacked Department of Education software package maker PowerSchool paid a hacker ’s ransom to delete the company ’s banks of stolen student data , at least one school day district says it is now being extorted by someone who said the data was not put down .

PowerSchool , which cater its K-12 software package to thousands of schools to support 60 million pupil across North America , was hacked in December 2024 using a exclusive stolen credential , whichallowed a cyberpunk all-inclusive accessto PowerSchool ’s storage of in person identifiable bookman and instructor information , include Social Security numeral and wellness data .

The company sound out at the clip that ithad paid the hacker a ransom to allegedly edit the slip datum , but it has repeatedly refused to disclose the amount of money it paid .

Now , Toronto ’s district school board , which suffice around 240,000 students each twelvemonth , saidin a statementthat earlier this hebdomad it had “ received a communicating from a menace actor demanding a ransom using data from the antecedently reported incident . ”

Several other schools in North America meet extortion note , including across North Carolina , per local media .

PowerSchool reassert that it had paid the ransom at the time , saying the company “ thought it was the good pick for preventing the data from being made public . ”

Some cybersecurity professionals and law enforcement have long discourage victim from paying a ransom , as there are no guarantees that the hacker will adhere to their word when claim to delete stolen data . As testify by pastransomwareandextortionincidents , some gangs were later found to have retained huge amounts of stolen dupe data point , often torevictimize affected person with extra extortion attempts .

In a statement shared with client this week , seen by TechCrunch , PowerSchool said it “ recently became aware that a scourge actor has reached out to some PowerSchool SIS customers in an endeavor to extort them using data ” from the December 2024 falling out .

Beth Keebler , a interpreter for PowerSchool , enjoin TechCrunch that the company does not think this is a new incident because “ samples of data match the data point previously stolen in December . ”

PowerSchool has not yet said how many individuals are affected by its data breach . Several school districts that used PowerSchool at the time of the breach enjoin TechCrunch that “ all ” of their historical student and instructor data was compromise

In the lawsuit of Toronto ’s school dominion , the stolen record date back to at least 2009 and are potential to touch on millions of people .