Alert: Data Breach at Pennsylvania Education Association (PSEA)

Data stolen impacting 517,487 people:

State IDs, Social Security numbers, financial account numbers, payment card information, passport numbers, taxpayer IDs, health insurance information.

Locations affected:

Residents of Iowa, Maine, Maryland, Massachusetts, New Hampshire, New Mexico, New York, North Carolina, Oregon, Pennsylvania , Rhode Island, Washington D.C., current and former members of PSEA.

News article:

"PSEA represents more than 177,000 teachers, school nurses, bus drivers, cafeteria workers and others in roles across Pennsylvania’s public schools. The organization bargains compensation and benefits on behalf of school workers and has existed since 1852."

-- The Record Media, March 19, 2025. https://therecord.media/half-a-million-impacted-pennsylvania-education-data-breach

Date of Breach:

July, 6 2024

Attacker:

The attack on PSEA was claimed by the Rhysida ransomware gang in September 2024.

Breach entry point:

PSEA network environment. No further specifics provided.

Data Breach Notice Posting(s):

• Maine - https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/e44266ce-8099-4d3c-8635-2c5cdb41f24a.html

• Massachusetts - https://www.mass.gov/doc/2025-493-pennsylvania-state-education-association/download

• New Hampshire - https://mm.nh.gov/files/uploads/doj/remote-docs/pennsylvania-state-education-association-20250318.pdf

• Pennsylvania - https://www.psea.org/pages-without-a-home/notice-of-data-security-incident/

Reduce Your Risk with These Actions:

• Call or login to the three major credit bureaus and FREEZE your credit account and place a FRAUD ALERT on your credit files

  • Equifax - https://equifax.com | 1-888-548-7878

  • Experian - https://experian.com | 1-800-493-1058

  • Transunion - https://transunion.com | 1-800-916-8800

• Obtain a FREE CREDIT REPORT every twelve (12) months at www.annualcreditreport.com | 1-877-322-8228

• If you are offered Credit Monitoring Service in a letter notifying you of a data breach, sign up for it. Make note of the day your coverage start and end dates in your electronic calendar, as an All Day event reminder

• Change your password at the company effected by the data breach

• Sign up for 2-Step Authentication using an Authenticator app on your phone

• Do not use text messaging for 2-Step Authentication

• Use a Password Manager to generate and store a long and complex password

• If a stored credit or debit card was compromised, cancel the card and get a replacement. Update any recurring payments associated with the new card

• Monitor your card and bank statements for unauthorized charges. Look for out of area charges or small amount charges at unfamiliar merchants.

• File disputes with your card issuers to recover funds

• Ensure your browsers, email apps, social media apps, computers, and phones have the latest updates installed