Earlier this year, PowerSchool reported a major cyber incident. Hackers managed to steal vast amounts of data from the popular student information system. The company fell victim to a ransomware attack and decided to cooperate with the cyber criminals by paying them an undisclosed ransom. PowerSchool representatives confirmed that they watched a video of the hackers deleting all the stolen data. They thought the cyber incident was over and was in the past… until it wasn’t. It looks like the hackers were not really honest when they deleted the stolen info, as cybercriminals are now trying to blackmail school districts with the very same data.

Ransomware attack continues to haunt schools

While the hackers left PowerSchool alone after they paid the ransom, it appears that bad actors are now back for more, but this time, they are approaching schools. PowerSchool is taking a big reputational hit because even though they said they’ve dealt with the problem, it still haunts students and teachers from schools in both the USA and Canada. School districts from both Ontario and North Carolina have been approached by cyber gang members asking for cash. The leak includes sensitive personal information such as DOB, names, medical info, contact details, and Social Security Numbers (SSN)/Social Insurance Numbers (SIN). 

PowerSchool spokesperson Beth Keebler confirmed that there are no confirmed new data leaks. The data in the fraudster’s hands is likely the one from last year’s data breach. The very same one that was reportedly deleted after the ransom was paid. PowerSchool has not yet disclosed how many people were affected in the breach. They also haven’t shared the ransom amount paid to the fraudsters. The company provides software to thousands of schools across Canada and the USA. More than 60 million students and nearly 10 million teachers use the platform. Researchers believe the stolen data dates back to 2009.
Over 70 million people may now have their personal information exposed.

Why trusting cybercriminals is a risky move

It is an undisputed fact that sometimes cybercriminals delete stolen information after they receive a ransom. However, individuals and businesses need to remember that the hacker’s word means nothing. There’s no guarantee they delete stolen data. Sometimes, companies pay the ransom hoping to solve the issue. But they may get hacked again or find the data wasn’t erased.

If you wish to stay on top of your cyber security, make sure that you have adequate protection installed on all your connected devices like Panda Security solutions. The less protection you have on your smart devices, the more likely hackers are to infect your networks.