The Pennsylvania State Education Association — the state's largest public-sector union that caters to over 177,000 public school workers — has confirmed that 517,487 individuals had their data pilfered following a July cyberattack, according to The Record, a news site by cybersecurity firm Recorded Future.
Investigation into the incident that concluded last month revealed that infiltration of PSEA's systems on July 6 resulted in the exfiltration of individuals' state and taxpayer IDs, Social Security numbers, passport numbers, payment card details, financial account details, medical information, and health insurance details, said the union in breach notifications filed with Maine, Massachusetts, and New Hampshire regulators. PSEA's disclosure comes months after the intrusion was claimed by the Rhysida ransomware operation, which also took credit for targeting U.S. disability services nonprofit Easterseals, Ohio's City of Columbus, New Jersey's City of Hoboken, the Port of Seattle, and Maryland's Prince George's County Public Schools, as well as the British Library and the government of Kuwait.
