In July 2024, the Pennsylvania State Education Association (PSEA) experienced a significant data breach, affecting over 500,000 individuals. The hackers accessed sensitive personal information, including Social Security numbers, financial details, and medical records, from current and former members. PSEA confirmed that the stolen data was identified through a thorough investigation, concluding in February 2025, and warned affected individuals to take action by monitoring their accounts for suspicious activities.
The breach was initially suspected to be a case of ransomware or extortion, with the Rhysida ransomware gang claiming responsibility in September 2024.
This group, notorious for targeting various sectors, demanded a ransom and threatened to leak the data. Despite not confirming a ransom payment, PSEA’s communication implied the data was deleted, although such actions cannot be fully verified.
Rhysida’s targeted attack exposed valuable personal data, including government-issued IDs, medical insurance information, and financial records.
In response, PSEA offered free credit monitoring services to those whose data, especially Social Security numbers, were affected, providing a safety net for victims until June 2025. They also recommended placing fraud alerts and security freezes on affected accounts to minimize potential damage.
The Rhysida gang has been linked to several high-profile cyberattacks on various industries, particularly healthcare and government entities. This includes their attacks on hospitals and city governments, making them one of the most aggressive ransomware groups in operation. As Rhysida continues to evolve, both the FBI and CISA have issued warnings about the rising threat of ransomware attacks in multiple sectors.
Reference:
