By AJ Vicens
DETROIT (Reuters) -Hackers have tried to extort “multiple” school districts in the United States using previously stolen data from education software and cloud provider PowerSchool, the company said in a statement on Wednesday.
The California-based provider, which serves more than 60 million students globally, disclosed in December 2024 that personal information from its U.S. student information database had been stolen in a cybersecurity incident. The data stolen varied, the company said at the time, but could have included names, contact information, dates of birth, limited medical alert information, and social security numbers.
In an update on Wednesday the company said it was “aware that a threat actor has reached out to multiple school district customers in an attempt to extort them,” and for the first time acknowledged that the company paid a ransom for an undisclosed amount to the hackers responsible for the breach. The extortion attempts relied on data stolen as part of that incident, the company said.
The company made what it called “the difficult decision” to pay the ransom “because we believed it to be in the best interest of our customers and the students and communities we serve.” The company believed the hackers would delete the data, the company said, “based on assurances and evidence provided to us.”
Reuters could not establish whether the same hackers behind the original attack were behind the extortion tries. A person familiar with the extortion attempts told Reuters four school districts had been contacted. It was not clear where those districts are located.
PowerSchool did not respond to a request for comment.
Bain Capital took PowerSchool private in a deal worth $5.6 billion in June 2024.
(Reporting by AJ Vicens in Detroit, Editing by Rosalba O’Brien)