"PowerSchool has informed us that they have taken action with the hackers to ensure the unauthorized data was deleted without any further replication or dissemination."
From a school system email:
PowerSchool has informed us that they have taken action with the hackers to ensure the unauthorized data was deleted without any further replication or dissemination. They do not anticipate any of the data being shared or made public and are working with cybersecurity experts and law enforcement to ensure ongoing data safety. PowerSchool indicated they will be providing credit monitoring to affected adults and identity protection services to affected minors in accordance with regulatory obligations.
But that is hardly a step toward assuring anything was deleted. Do the criminals really have a reputation at stake for keeping their word? Wouldn't that require that we be able to confirm their identity?
In the FAQ, PowerSchool confirmed that the security incident was not ransomware in nature, but noted that it worked with CyberSteward, a Canadian organization that offers cyber-extortion incident response services, to negotiate with the threat actors responsible for the breach.
This confirms previous reporting that PowerSchool was the target of an extortion-only attack and that it paid a financial sum to prevent the hackers from publishing the stolen data.