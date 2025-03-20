PSEA issues data breach notification letter to more than 500,000 individuals

It warned about a data breach that happened in July 2024

The data breach exposed personal, financial, and health information

A data breach at the Pennsylvania State Education Association (PSEA) has potentially exposed more than half a million people to identity theft, phishing, or wire fraud.

The Pennsylvania public sector union has sent a data breach notification letter to 517,487 individuals, to warn them about a cybersecurity incident that happened in July 2024.

PSEA is a labor union and professional organization representing public school educators, higher education faculty, school staff, and retired educators across Pennsylvania. It has thousands of members, and plays a crucial role in negotiating contracts, lobbying for education funding, and providing professional development. The association also focuses on student-centered policies, promoting safe and effective learning environments.

Rhysida strikes

"PSEA experienced a security incident on or about July 6, 2024 that impacted our network environment," it says in the notification letter.

"Through a thorough investigation and extensive review of impacted data which was completed on February 18, 2025, we determined that the data acquired by the unauthorized actor contained some personal information belonging to individuals whose information was contained within certain files within our network."

While the type of information stolen varies from person to person, it mostly contains personal, financial, and health data.

People’s names, driver’s license numbers, state IDs, Social Security numbers, PIN numbers, security codes, payment card information, passport information, taxpayer ID numbers, credentials, health insurance and medical information were all exposed in some measure.

While the organization did not discuss the threat actors, BleepingComputer found that the ransomware group called Rhysida claimed responsibility for the attack in early September 2024.

Apparently, the organization demanded 20 BTC which, at the time, equaled approximately $1.1 million. It is unknown if PSEA paid the ransom demand or not, but the publication states that the entry was subsequently removed from the dark web leak site.

