Cyberattack on nonprofit affects over 500k PA school workers

The Pennsylvania State Education Association (PSEA) says a July 2024 “security incident” exposed sensitive personal data on more than half a million individuals, including financial and health info.

The nonprofit, which represents more than 178,000 education professionals in the US state of Pennsylvania, confirmed data was stolen during a July 6 attack. According to The Office of the Maine Attorney General, the breach affected a total of 517,487 people

[…]

The org’s disclosure notice stated: “…we determined that the data acquired by the unauthorized actor contained some personal information belonging to individuals whose information was contained within certain files within our network.

“We took steps, to the best of our ability and knowledge, to ensure that the data taken by the unauthorized actor was deleted. We want to make the impacted individuals aware of the incident and provide them with steps they can take to further protect their information.”

Although PSEA’s disclosure didn’t explicitly mention ransomware or extortion, it did say that steps were taken to ensure the stolen data was deleted — a claim that typically implies some level of communication with the attackers, often seen in double extortion cases.

Adding weight to that suspicion, the Rhysida ransomware gang publicly claimed responsibility for the attack in September 2024, suggesting ransomware was involved.

[…]

PSEA emphasized that not every individual had the same data elements compromised. The exposed information may include an individual’s full name in combination with one or more other type of personal data.

The possible data types stolen include the usual personally identifiable information (PII) such as full names and dates of birth, and identity documents such as driver’s licenses, state IDs, and social security numbers (SSNs).

In addition to basic PII, the nonprofit also said account numbers, account PINs, security codes, passwords, routing numbers, payment card numbers, card PINs, and expiration dates might have been taken.

The list doesn’t stop there: Passport numbers, taxpayer ID numbers, usernames and passwords, health insurance information, and finally medical information are potentially in the hands of cybercriminals.

[…]

Source: Cyberattack on nonprofit affects over 500k PA school workers • The Register

Robin Edgar

Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft

 robin@edgarbv.com  https://www.edgarbv.com