PowerSchool Hack Spurs Extortion Threats to Clients

PowerSchool, a major provider of education technology, is facing downstream extortion threats following a cyberattack that occurred in December. The company reportedly paid a ransom after the intrusion. Now, a threat actor is leveraging stolen data obtained during the breach to target PowerSchool’s customers, attempting to extort them directly.

The attack underscores the growing risks associated with supply chain breaches, where the impact extends beyond the initial victim. In this case, the fallout is spreading to schools and institutions that rely on PowerSchool’s services for managing student information and administrative functions.

While the company has not publicly confirmed the extent of the compromised data, the emergence of extortion efforts suggests that sensitive information may be in the hands of cybercriminals. Customers affected by the incident are being urged to remain vigilant and monitor for suspicious activity. The full scope of the damage remains unclear as investigations into the breach continue.