The Pennsylvania State Education Association (PSEA) has reported a significant data breach affecting 501,183 educational professionals, including teachers and nurses, after an unauthorized third party accessed its systems. This breach, attributed to the cybercriminal group Rhysida, exposed a range of sensitive personal information like Social Security numbers and financial data. PSEA's delayed notification—over eight months after the breach occurred on July 6, 2024—raises concerns over potential violations of state and federal laws regarding data protection and timely communication with affected individuals.
On or about March 17, 2025, PSEA notified individuals that an unauthorized third party gained access to its systems, compromising sensitive personal information.
According to PSEA, the breach occurred on July 6, 2024, but PSEA did not notify affected individuals until over eight months later, which may have violated state and federal laws.
Rhysida, a known cybercriminal organization, has targeted a wide range of industries in past attacks, often encrypting files and demanding ransom payments for decryption keys.
PSEA recently informed individuals that sensitive information such as social security numbers and health insurance details may have been stolen in the breach.
Collection
[
|
...
]