Pennsylvania State Education Association Under Investigation for Data Breach of Over 500,000 Employee Records
Schubert Jonckheer & Kolbe LLP is investigating a data breach impacting the private personal information of 501,183 education professionals, including teachers, support staff, and nurses associated with the Pennsylvania State Education Association (PSEA), the largest teachers’ union in Pennsylvania.
On or about March 17, 2025, PSEA notified individuals that an unauthorized third party gained access to its systems, compromising sensitive personal information. According to PSEA, the breach occurred on July 6, 2024, but PSEA did not notify affected individuals until over eight months later, which may have violated state and federal laws.
Reports indicate that the ransomware group Rhysida claimed responsibility for the attack and has allegedly posted stolen data on the dark web. Rhysida, a known cybercriminal organization, has targeted a wide range of industries in past attacks, often encrypting files and demanding ransom payments for decryption keys.
PSEA recently informed individuals that the following private information may have been stolen in the breach:
Names Dates of birth
Driver’s license or state identification numbers
Social Security numbers Account numbers, account PINs, security codes, and routing numbers
Payment card numbers, payment card PINs, and payment card expiration dates
Passport numbers Taxpayer identification numbers
Usernames and passwords
Health insurance information Medical information
If your personal information was impacted by this incident, you may be at risk of identity theft, financial fraud, and other serious violations of your privacy. As a result, you may be entitled to money damages and an injunction requiring changes to the company’s cybersecurity practices.
If you received notification of this data breach from PSEA or an identity protection service and wish to obtain additional information about your legal rights, please fill out the form below.