Texas Attorney General Kane Pasteon is near Filed a case Against the education software company Powerscool, which faced a massive data violation in December, highlighting the personal information of 62 million students, including more than 880,000 Texas.
Powerschool K-12 is a cloud-based software solution provider for schools and districts, with over 18,000 customers and supports over 60 million students worldwide.
In January, the education software giant revealed that its Powerors Customer Support Portal was violated on December 19, 2024 using the theft of a subcontinent. The attacker demanded a ransom of $ 2.85 million in bitcoin on December 28, 2024, after stealing the full name, physical addresses, phone numbers, passwords, parents’ information, contact details, social security numbers and medical data of the affected students and faculty.
As Bleepingcomputer first reported, in December 2024, the actor behind the Powers School Breech claimed that the US, Canada and other countries stole the personal data of 62.4 million students and 9.5 million teachers from 6,505 school districts in the US, Canada and other countries.
To take appropriate measures to protect the sensitive information assigned by Texas’s families and school districts and take appropriate measures and Office of Texas General Office of Texas, Texas Said,
“If Big Tech feels that they can benefit from managing children’s data while cutting corners on security, then they are wrong. Parents never need to worry that the information they provide for their children to enroll in school can be stolen and misused. My office will do everything that we can be responsible for the students, teachers, and families of Texas.”
The attacker takes out schools, guilty
In a private FAQ shared with customers and at that time by bleepingcomputer, Powerschool admitted that he had paid ransom to prevent data from disclosing and obtained a video from the attacker claiming that the stolen data was erased.
However, someone who claimed to be a shinniers personally started to get out school districts in early May, threatening to release stolen student and teacher data in advance if the ransom was not paid.
The leader of the Shinyhunters claimed the bleepingcomputer that the person was an affiliation to implement the hacking group, which tried to re -create the powerscool with the stolen data in the earlier breech of September 2024. Craudastric,
Later that month, 19 -year -old college student Matthew D. Lane Worster, from Massachusetts, with the help of many other conspirators, convicted the large-scale cyber attack on the powerchul and attempted to exchange millions of dollars, which did not leak the stole figures of millions of people.
According to school notice and A Databreaches.net The report, the ransom demands sent to the school districts claimed to be from Shainhemers, a high-profile group of threats associated with a wide range of danger, which affected hundreds of crores of people.
In March, Powerscool also published a crowdstruk investigation in the incident, which revealed that the danger actors also violated the Powerrsourse in August and September 2024, using the same compromised credentials. However, the cyber security company was not finding evidence that the same attacker was responsible for the three violations.
Update 9/4/25: Information about shinyhunters affiliated.
The passwords broke in 46% of the atmosphere, almost doubled by 25% last year.
Picus Blue Report 2025 Now get a wider look at more conclusions on prevention, detection and data exfIs.
