PowerSchool Admits Ransom Payment Amid Fresh Extortion Demands
PowerSchool said its customers had been hit by new extortion demands using data stolen in a previous attack, despite attacker claims the data had been deleted
Ransom-related coverage examines extortion demands, data theft, and disruption caused when attackers lock or threaten to expose systems.
Search across headline titles and summaries.
Background for this topic.
Ransomware is malicious software that disrupts access to systems or data, typically by encrypting files, to pressure a victim into paying. Modern campaigns may also steal data and threaten to publish it, making the demand a form of extortion even when encryption is unsuccessful. Common access routes include phishing, exposed remote services, stolen credentials, and unpatched vulnerabilities, though no single route is universal.
Important safeguards include regularly tested, offline or otherwise isolated backups; multifactor authentication and least-privilege access; network segmentation; and timely remediation of known, internet-facing vulnerabilities. During an incident, organizations should isolate affected systems, preserve evidence, identify the scope of compromise, and coordinate recovery and legal or regulatory decisions. Payment does not guarantee data recovery or deletion. Threat intelligence may help identify associated infrastructure or available decryptors, while documented recovery plans reduce dependence on an attacker’s demands.
PowerSchool said its customers had been hit by new extortion demands using data stolen in a previous attack, despite attacker claims the data had been deleted
After Vendor Paid for Data-Deletion Promise, Criminals Extort Schools DirectlyStudents, gather round for the sad story of how PowerSchool got schooled by hackers, who stole data on students and teachers. After PowerSchool paid a ransom for a guarantee that the data would be deleted, the bad hackers failed to honor their promise.
Criminals Extort School Employees After Vendor Paid for Data-Deletion PromiseStudents, gather round for the sad story of how PowerSchool got schooled not once, but twice. Surprise: attackers who received a ransom payment in return for a promise to delete data they stole from PowerSchool pertaining to students and teachers didn't actually delete the data.
Now individual school districts extorted by fiends An education tech provider that paid a ransom to prevent the leak of stolen student and teacher data is now watching its school district customers get individually extorted by either the same ransomware crew that hit it – or someone connected to the crooks.…
PowerSchool is warning that the hacker behind its December cyberattack is now individually extorting schools, threatening to release the previously stolen student and teacher data if a ransom is not paid. [...]
The data-theft extortion group known as Luna Moth, aka Silent Ransom Group, has ramped up callback phishing campaigns in attacks on legal and financial institutions in the United States. [...]