In a recent development, more than 500,000 current and former members of the Pennsylvania State Education Association (PSEA) have been notified of a data breach that occurred on July 6, 2024. The breach impacted a total of 517,487 individuals, according to a statement on the website of the Office of the Maine Attorney General.
The PSEA conducted a thorough investigation into the incident and concluded on February 18 of this year that an unauthorized threat actor had gained access to personal information belonging to its members. The organization clarified in a notification letter that not all data elements were acquired for every affected individual. However, the compromised data may include sensitive information such as full names, dates of birth, driver’s license or state ID numbers, social security numbers, account numbers, passwords, payment card details, passport numbers, health insurance information, and more.
It is believed that the Rhysida ransomware-as-a-service gang was behind the breach, although specific details were not disclosed in the notification. The PSEA stated that it took measures to ensure that the stolen data was deleted, implying that a ransom may have been paid to the threat actors. There is no evidence to suggest that the information has been used for identity theft or financial fraud, but the possibility of the data being monetized remains a concern. The extensive array of sensitive information exposed in the breach could be exploited by cybercriminals for various fraudulent activities, including payment, insurance, and tax fraud, as well as phishing attacks.
Andrew Costis, an engineering manager at AttackIQ, warned against making ransom payments to cybercriminals, as doing so does not guarantee a positive outcome and may further incentivize future attacks. Costis emphasized the importance of organizations rigorously testing their security controls to identify and address vulnerabilities proactively.
As Pennsylvania’s largest union for the education sector, the PSEA represents over 180,000 educators and support staff in the state. The breach serves as a stark reminder of the ongoing threat posed by cybercriminals and the critical need for organizations to strengthen their cybersecurity defenses to protect sensitive information and prevent future incidents. By conducting regular security assessments and testing their defenses against potential threats, organizations can enhance their security posture and reduce the risk of data breaches and cyber attacks.