We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: Holiday.com, ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: Holiday.com, ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

PSEA Ransomware Attack Exposes 500,000 Individuals

PSEA Ransomware Attack Exposes 500,000 Individuals
Author Image Hendrik Human
Hendrik Human First published on 23rd March 2025 Cybersecurity Researcher

More than 500,000 individuals are being notified after a cyberattack on the Pennsylvania State Education Association (PSEA) compromised their personal data in July 2024. The union, which represents over 178,000 education professionals across Pennsylvania, said in breach notification letters that hackers accessed a trove of sensitive information.

"PSEA experienced a security incident on or about July 6, 2024 that impacted our network environment," stated the union.

The stolen data included Social Security numbers, health insurance records, passport information, payment card details, and other identifying documents. A forensic investigation that concluded on February 18, 2025, confirmed the breach affected 517,487 individuals.

The PSEA announced: “Through a thorough investigation and extensive review of impacted data which was completed on February 18, 2025, we determined that the data acquired by the unauthorized actor contained some personal information belonging to individuals whose information was contained within certain files within our network."

While PSEA did not name a specific threat actor, the Rhysida ransomware gang claimed the breach on September 9, 2024. The group allegedly demanded a ransom of 20 BTC (over $1 million at the time), threatening to leak the stolen data if unpaid. The gang later removed the listing from its dark website, but PSEA has not confirmed whether a ransom was paid.

The Rhysida group, which operates a ransomware-as-a-service (RaaS) model, has previously targeted high-profile organizations, including the City of Columbus, the British Library, and Sony’s Insomniac Games. US federal agencies like the FBI and CISA have issued warnings about the group’s ongoing threats.

In response, PSEA is offering one year of free credit monitoring and identity restoration services through IDX to individuals whose Social Security numbers were compromised. Enrollment is open until June 17, 2025.

Impacted individuals are urged to remain vigilant by reviewing financial statements, placing fraud alerts on credit files, and securing their online accounts.

About the Author

Hendrik is a writer at vpnMentor, specializing in VPN comparisons and user guides. With 5+ years of experience as a tech and cybersecurity writer, plus a background in corporate IT, he brings a variety of perspectives to test VPN services and analyze how they address the needs of different users.

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

This field must contain more than 50 characters

The field content should not exceed 1000 letters

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address

Accessibility menu
Content Adjustments
Adjust Font Size
100%
Color Adjustments
Tools
Accessibility Widget by Sienna