In December 2024, EdTech vendor PowerSchool was hit with a major attack that reportedly affected more than 60 million students and employees throughout the country. But that wasn’t the only major attack affecting an education sector vendor in December. Teiss reports that a retirement services vendor was also the victim of an attack:
About 50 school districts across the United States have reported data breaches that resulted from hackers breaching the network of retirement service provider Carruth Compliance Consulting.
Earlier this month, Carruth Compliance Consulting, which provides third-party administrative services to public school districts and non-profit organizations for their 403(b) and 457(b) retirement savings plans, said that in December, it discovered a major cyber security incident that involved malicious actors accessing its internal systems.
“The investigation determined that certain systems on our network were accessed without authorisation between December 19, 2024 and December 26, 2024, and during that time, certain files were copied from our systems.
“CCC then conducted a review to determine what data was potentially copied without authorisation. On January 13, 2025, CCC provided notice of this event,” the company said.
The compromised data included employees’ names, Social Security numbers, financial account information, driver’s license numbers, W-2 information, medical billing information and tax filings.
Read more at Teiss.
As an update to Teiss’s reporting, The Data Breach Times notes that the threat actors who claimed responsibility for the attack, “Skira Team,” did issue ransom demands for what they claimed was about 469 GB of data. When CCC did not pay, the threat actors leaked the data on their dark web leak site on March 16. The Data Breach Times neither downloaded the data nor attempted to verify its validity. Because CCC’s last update on their notice was posted on January 13, 2025, their website notification does not mention any data leak.
