Months after the Powerschool educational software breach paid for the redemption of a hacker to delete the banks of the company’s stolen data, at least one school district says it is now spreading by someone who said the data was not destroyed.
Powerschool, which provides the K-12 software to thousands of schools to support 60 million students across North America, engraved in December 2024 using a single stolen credentials, which allowed Hacker’s widespread access to the staff of personal and personal data.
The company then stated that it had paid hacker a ransom to delete the stolen data, but has repeatedly refused to disclose the amount it paid.
Now, the Toronto District School Council, which serves about 240,000 students each year, said in a statement That earlier this week “received a communication from an actor threat requiring ransom using data from the previously mentioned incident”.
Several other schools in North America received blackmail notes, including North Carolina, per local medium.
Powerschool confirmed that it had paid the ransom at the time, saying that the company “thought it was the best choice for the prevention of data to be made public”.
Some cyberspace professionals and law enforcement have long discouraged victims to pay ransom, as there are no guarantees that hackers will remain in their speech when they claim to delete stolen data. As evidenced by past ransomware and incidents of blackmail, some gangs were later found that they have maintained huge quantities of stolen victim data, often to rejuvenate the affected people with additional blackmail efforts.
In a statement shared with customers this week, seen by TechCrunch, Powerschool said that “recently he knew that an actor threat has reached some Powerschool sis customers in an attempt to neutralize them using data” from the December 20th breach of 2024.
Beth Keebler, a Powerschool spokesman, told TechCrunch that the company does not believe this is a new incident because “data samples match the data previously closed in December”.
Powerschool has not yet said how many people are affected by the breach of its data. Several school districts used by Powerschool at the time of the breach told Techcrunch that “all” of historical students and their data were taught at risk
In the case of the Toronto school area, stolen files date back to at least 2009 and are likely to affect millions of people.
