麻豆精品

Get stories like this delivered straight to your inbox. Sign up for 麻豆精品 Newsletter

Cybercriminals demanded ransom payments from school districts nationwide this week, using millions of K-12 students鈥� sensitive data as leverage after the files were stolen from education technology giant PowerSchool in a massive cyberattack late last year. 

The hackers鈥� new demands for bitcoin payments, emailed to school officials across the country seemingly at random over the last several days, undercut the ed  tech behemoth鈥檚 decision to in December to prevent the sensitive records from being shared publicly. In exchange for the payment, the company said hackers provided a video of them deleting some of the stolen files, which include records with some 62.4 million students鈥� and 9.5 million educators鈥� personal information.

It appears the cybercriminals 鈥� perhaps predictably 鈥� didn鈥檛 keep their end of the bargain. 

In North Carolina, employees of at least 20 school districts and the state Department of Public Instruction received dozens of extortion demand emails from the hackers, officials said during a Wednesday evening press conference. Superintendent of Public Instruction Maurice Green said information about the hackers鈥� demands to local educators will be shared with the state attorney general鈥檚 office, which is investigating the fallout from the December attack. 

鈥淎t the time of the original incident notification in January of this year, PowerSchool did assure its customers that the compromised data would not be shared and had been destroyed,鈥� Green said. 鈥淯nfortunately, that, at least at this point, is proving to be incorrect.鈥� 

The company, which Boston-based private equity firm Bain Capital acquired for $5.6 billion in October, has faced a barrage of lawsuits since it acknowledged the attack in January. The latest escalation could open it to greater legal exposure. 

In a statement Wednesday, PowerSchool acknowledged the threat actors鈥� direct outreach to schools 鈥渋n an attempt to extort them using data鈥� stolen during the December breach. Samples of data supplied to school leaders 鈥渕atch the data previously stolen in December,鈥� the company said. 

It referred to a 鈥渄ifficult decision,鈥� one its leadership team 鈥渄id not make lightly,鈥� to pay the ransom demand in the days after the attack, believing it was the best option to protect students鈥� records. Social Security numbers, special education records and detailed medical information.

鈥淎s is always the case with these situations, there was a risk that the bad actors would not delete the data they stole, despite assurances and evidence that were provided to us,鈥� the company said in a statement on Wednesday. 鈥淲e sincerely regret these developments 鈥� it pains us that our customers are being threatened and re-victimized by bad actors.鈥�

Vanessa Wrenn, the chief information officer at the North Carolina Department of Public Instruction, said school officials were contacted 鈥渢hrough various emails,鈥� including to both their work and personal email addresses, seemingly based on the hackers鈥� ability to find their contact information online. Wrenn said state officials had been in contact with educators in Oregon, who received similar demands. In Toronto, Canada, Wednesday they were 鈥渕ade aware that the data was not destroyed鈥� when the threat actor contacted them directly. 

鈥淲e could not find any type of trend in who they picked to email. We tend to think it鈥檚 emails that they could publicly find and contacted that person,鈥� Wrenn said. 鈥淭his exact same communication has been sent to other school districts and other states across the United States today and yesterday and broadly across the globe two days earlier.鈥� 

Though they confirmed just a subset of districts received the ransom demands, she said the situation puts the data of all students statewide at risk because all North Carolina public districts currently rely on PowerSchool鈥檚 student information system. 

That鈥檚 about to change. Green said the state鈥檚 contract with PowerSchool ends in July and officials have chosen to migrate to competitor Infinite Campus 鈥� in part because of its promise of better cybersecurity practices. 

鈥淚t is completely unfortunate that the perpetrators are preying on innocent children and dedicated public servants,鈥� Green said. 鈥渨e are, as I mentioned earlier, working closely with law enforcement to do everything we can do to ensure that the responsible parties are held accountable for their actions.鈥�

PowerSchool said it reported the latest extortion attempt to law enforcement in the United States and Canada and is working 鈥渃losely with our customers to support them.鈥�

Get stories like these delivered straight to your inbox. Sign up for 麻豆精品 Newsletter