PowerSchool is warning that the hacker behind its December cyberattack is now individually extorting schools, threatening to release the previously stolen student and teacher data if a ransom is not paid.
"PowerSchool is aware that a threat actor has reached out to multiple school district customers in an attempt to extort them using data from the previously reported December 2024 incident," PowerSchool shared in a statement to BleepingComputer.
"We do not believe this is a new incident, as samples of data match the data previously stolen in December. We have reported this matter to law enforcement both in the United States and in Canada and are working closely with our customers to support them. We sincerely regret these developments – it pains us that our customers are being threatened and re-victimized by bad actors."
PowerSchool apologized for the ongoing threats caused by the breach and says they will continue to work with customers and law enforcement to respond to the extortion attempts.
The company also recommends that students and faculty take advantage of the free two years of credit monitoring and identity protection to protect against fraud and identity theft. More details about this can be found in the company's
security incident FAQ.
PowerSchool also reflected on their choice to pay the ransom demand, stating that it was a difficult decision but hoping it would protect its customers.
