US school districts face extortion threat after major cyberattack, Software firm confirms
A wave of extortion attempts has hit school districts across the United States following a major cybersecurity breach at education software provider PowerSchool, the company confirmed on Wednesday.PowerSchool, headquartered in California and serving over 60 million students globally, revealed that hackers are now leveraging sensitive data stolen in a previously reported cyberattack. The breach, first disclosed in December 2024, involved unauthorized access to a student information database containing names, contact details, dates of birth, limited medical alert data, and Social Security numbers.In its latest statement, the company said, “We are aware that a threat actor has reached out to multiple school district customers in an attempt to extort them” as reported by Reuters.
Company admits to paying ransom
For the first time since the incident, PowerSchool acknowledged it paid a ransom to the hackers. The company did not disclose the amount but described the decision as “difficult,” adding that it was made in the interest of protecting students, families, and school communities.The company stated, “ We believed the hackers would delete the data based on assurances and evidence provided to us,” as quoted by Reuters, signaling trust in the hackers’ claim — a move experts have cautioned against in other cases.
Scope of extortion attempts remains unclear
A source familiar with the situation told Reuters that four school districts had been directly contacted by the threat actors. However, the exact number and locations of the affected districts have not been publicly identified.It also remains uncertain whether those behind the extortion efforts are the same individuals responsible for the original breach. Law enforcement agencies have not issued statements regarding any ongoing investigations.
Cybersecurity fears grow in education sector
The incident highlights persistent vulnerabilities in the US education system, which has increasingly become a target for cybercriminals. As more schools rely on cloud-based platforms for storing student data, cybersecurity gaps leave millions of records at risk.Cybersecurity experts warn that even with ransom payments, there is no guarantee data will be destroyed or that similar attacks won’t follow. Districts are now scrambling to assess their exposure and reinforce digital defences.
No word yet on further attacks
PowerSchool has not indicated whether additional districts are at risk of being contacted or if further ransom demands could surface. For now, the company says it is continuing to support affected customers and coordinate with cybersecurity professionals to prevent further fallout.
