PowerSchool paid thieves to delete stolen student, teacher data. Crooks may have lied

An education tech provider that paid a ransom to prevent the leak of stolen student and teacher data is now watching its school district customers get individually extorted by either the same ransomware crew that hit it – or someone connected to the crooks.

In December, PowerSchool – whose student information management system holds records on more than 60 million K-12 students (ages 5 to 18) primarily in North America – suffered an IT security breach: Extortionists used a compromised login credential to access and exfiltrate from its systems sensitive information on kids and adults.

The stolen data included names, contact information, dates of birth, some medical info, Social Security numbers, and other "related information," the software vendor said at the time.

This wasn't a traditional ransomware attack as no files were encrypted; instead, it was a simple data heist using a stolen cred. PowerSchool paid off the thieves to not just ...