Matthew Lane, a 19-year-old, will plead guilty to charges stemming from a cyberattack on PowerSchool, a student information system, where he allegedly stole login credentials and threatened to release sensitive data of millions of students and teachers unless a $2.85 million ransom was paid; PowerSchool confirmed a breach and payment of the initial ransom, but customer data was still subject to further extortion attempts, highlighting the risks associated with such payments.
Matthew Lane, a 19-year-old, is set to plead guilty to multiple charges, including cyber extortion and aggravated identity theft, following a significant cyberattack on PowerSchool, a widely used student information system. Lane is accused of illicitly acquiring login credentials and exfiltrating sensitive personal information—including names, Social Security numbers, and medical data—of millions of students and teachers, subsequently demanding a $2.85 million ransom. PowerSchool confirmed it experienced a data breach via its customer support portal, PowerSource, and acknowledged paying the ransom in an attempt to prevent public disclosure of the stolen data. However, this payment did not secure the data, as PowerSchool customers subsequently received further extortion threats. This outcome underscores the inherent risk, as PowerSchool itself noted, that malicious actors may not honor agreements even after a ransom is paid. The Department of Justice highlighted that Lane also breached and extorted an unnamed U.S.-based telecom company, indicating a pattern of cybercriminal activity. The incident has imposed substantial financial costs on victims and generated significant concern regarding the security of children's and teachers' private information.
AI-powered research, real-time alerts, and portfolio analytics for institutional investors.
Request a DemoOverall Sentiment
Negative
Sentiment Score
-0.60
