From a school system email:

PowerSchool has informed us that they have taken action with the hackers to ensure the unauthorized data was deleted without any further replication or dissemination. They do not anticipate any of the data being shared or made public and are working with cybersecurity experts and law enforcement to ensure ongoing data safety. PowerSchool indicated they will be providing credit monitoring to affected adults and identity protection services to affected minors in accordance with regulatory obligations.

  • sleepydragn1@lemmy.world · 60 upvotes · 4 days ago

    I feel like this is a euphemistic way of saying “we paid the ransom” without actually saying “we paid the ransom.”

    • TonyTonyChopper@mander.xyz · 4 upvotes · 2 days ago

      In the FAQ, PowerSchool confirmed that the security incident was not ransomware in nature, but noted that it worked with CyberSteward, a Canadian organization that offers cyber-extortion incident response services, to negotiate with the threat actors responsible for the breach.

      This confirms previous reporting that PowerSchool was the target of an extortion-only attack and that it paid a financial sum to prevent the hackers from publishing the stolen data.

      from https://techcrunch.com/2025/01/09/powerschool-says-hackers-stole-students-sensitive-data-including-social-security-numbers-in-data-breach/

      • AmidFuror@fedia.io · 12 upvotes · 4 days ago

        But that is hardly a step toward assuring anything was deleted. Do the criminals really have a reputation at stake for keeping their word? Wouldn’t that require we can confirm their identity?

        • Spaceman9000@infosec.pub · 11 upvotes · 4 days ago

          It boils down to their reputation, which is honestly the only thing they truly have.

          If they have a reputation of leaking data afterwards, nobody is going to pay in the future.

          So afaik, they don’t resell or give it away. They also send “proof of deletion”, but how foolproof that is is another question entirely.