From a school system email:

PowerSchool has informed us that they have taken action with the hackers to ensure the unauthorized data was deleted without any further replication or dissemination. They do not anticipate any of the data being shared or made public and are working with cybersecurity experts and law enforcement to ensure ongoing data safety.  PowerSchool indicated they will be providing credit monitoring to affected adults and identity protection services to affected minors in accordance with regulatory obligations.

    • AmidFuror@fedia.io
      7·
      1 day ago

      But that is hardly a step toward assuring anything was deleted. Do the criminals really have a reputation at stake for keeping their word? Wouldn’t that require we can confirm their identity?

      • Spaceman9000@infosec.pubEnglish
        7·
        1 day ago

        It boils down to their reputation, which is honestly the only thing they truly have.

        If they have a reputation of leaking date afterwards nobody is going to pay in the future.

        So afaik, they don’t resell or give it away. They also send “proof of deletion”, but how fool proof that is is another question entirely.