PowerSchool, an educational technology company, suffered a severe cyberattack orchestrated by a 19-year-old hacker, Matthew Lane, who demanded a $2.9 million ransom to prevent leaking the personal data of over 70 million individuals, including 60 million students and 9 million teachers. The breach exposed highly sensitive information such as Social Security numbers, special education records, and medical conditions, leading to catastrophic reputational, financial, and operational consequences.The incident incurred costs exceeding $14 million, covering identity theft monitoring for victims, legal penalties, and restitution. Lane, motivated by greed and with a history of hacking, was sentenced to four years in prison and fined $25,000, though prosecutors had pushed for a harsher seven-year term. The attack not only jeopardized the privacy of millions but also eroded trust in PowerSchool’s ability to safeguard critical educational data, posing long-term risks to its business viability and customer retention.
Source: https://therecord.media/powerschool-hacker-sentenced-4-years
TPRM report: https://www.rankiteo.com/company/powerschool-group-llc
"id": "pow2392323101525",
"linkid": "powerschool-group-llc",
"type": "Ransomware",
"date": "10/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': '70+ million (60+ million '
'students, 9+ million teachers)',
'industry': 'education/technology',
'name': 'PowerSchool',
'type': 'educational technology company'}],
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': '70+ million',
'personally_identifiable_information': True,
'sensitivity_of_data': 'high (includes Social Security '
'numbers, special education status, '
'medical conditions)',
'type_of_data_compromised': ['personally identifiable '
'information (PII)',
'educational records',
'medical data']},
'date_publicly_disclosed': '2024-01',
'description': 'A 19-year-old Massachusetts man, Matthew Lane, hacked '
'educational technology company PowerSchool, demanding a $2.9 '
'million ransom in exchange for not leaking personal data of '
'over 70 million individuals. The breach exposed sensitive '
'information, including Social Security numbers, special '
'education status, and medical conditions of students and '
'teachers. The incident cost PowerSchool over $14 million, '
'including identity theft monitoring for victims. Lane was '
'sentenced to four years in prison and ordered to pay $14 '
'million in restitution.',
'impact': {'data_compromised': ['Social Security numbers',
'special education status',
'medical conditions'],
'financial_loss': '$14 million (including identity theft '
'monitoring)',
'identity_theft_risk': 'high (70+ million individuals affected)',
'legal_liabilities': '$14 million restitution + $25,000 fine'},
'initial_access_broker': {'high_value_targets': ['student and teacher PII']},
'investigation_status': 'completed (sentencing concluded)',
'motivation': 'greed',
'post_incident_analysis': {'corrective_actions': ['identity theft monitoring '
'for affected individuals']},
'ransomware': {'data_exfiltration': True, 'ransom_demanded': '$2.9 million'},
'references': [{'source': "Court filings and prosecutors' statements (as "
'reported in media)'}],
'regulatory_compliance': {'fines_imposed': '$25,000',
'legal_actions': ['criminal prosecution',
'4-year prison sentence',
'$14 million restitution']},
'response': {'law_enforcement_notified': True,
'remediation_measures': ['identity theft monitoring for '
'victims']},
'threat_actor': 'Matthew Lane',
'title': 'PowerSchool Ransomware Attack and Data Breach',
'type': ['ransomware', 'data breach']}