The Pennsylvania State Education Association (PSEA), a major labor union representing educators, has confirmed that cybercriminals stole sensitive personal data belonging to more than half a million of its members.
PSEA, the largest organization for educators in Pennsylvania, represents a wide range of professionals, including teachers, counselors, school healthcare staff, and social workers.
Massive Data Breach Exposes Personal Information
According to a disclosure filed with Maine’s attorney general, PSEA experienced a cyberattack in July 2024. During the breach, unauthorized individuals infiltrated the union’s network and accessed private information of more than 517,000 people.
The compromised data includes highly sensitive details such as Social Security numbers, government-issued ID documents, passport numbers, medical records, and financial details—including credit and debit card numbers along with associated PINs and expiration dates. Additionally, member account credentials, including passwords, security codes, and PINs, were also exposed.
PSEA assured members in a notification letter that not every affected individual had all their personal data stolen. However, the organization did not specify how many members had which types of information compromised.
Possible Ransomware or Extortion Attack
The union also stated that it took action to ensure, “to the best of our ability and knowledge,” that the stolen data was deleted. This statement strongly suggests that PSEA was the victim of a ransomware or data extortion scheme and may have paid a ransom to prevent further leaks.
However, paying a ransom does not guarantee that the hackers will erase the stolen information. Cybercriminals have a history of retaining data even after receiving payment. For example, the dismantling of the notorious LockBit ransomware group in 2023 revealed that they continued to store data from past victims who had paid for its deletion.
Concerns Over Long-Term Risks
The breach raises significant concerns about identity theft and financial fraud for the affected members. Given the sensitivity of the stolen information, PSEA members are at risk of phishing attacks, fraud attempts, and unauthorized access to their financial accounts.
The union has yet to disclose whether it is offering identity theft protection services to those impacted. Meanwhile, cybersecurity experts recommend that affected individuals take immediate precautions, such as monitoring their financial statements, changing passwords, and freezing their credit if necessary.
