A December 2024 cyberattack on a major retirement plan administrator has compromised the sensitive information of thousands of public school teachers and employees across the United States.
Numerous public school districts nationwide have filed data breach reports with state regulators, including those in Maine, Massachusetts, and Vermont. The breaches stem from an attack on Carruth Compliance Consulting (CCC)—a firm responsible for third-party administration of 403(b) and 457(b) retirement savings plans for public schools and non-profit organizations.
A Recorded Future News analysis of breach notifications in Maine revealed at least 11 impacted schools and colleges across Pennsylvania, Oregon, California, Illinois, and New York. However, broader reports indicate the breach affected more than 40,000 teachers and school employees, and with multiple states still assessing the damage, the actual number of victims is likely much higher.
Skira Team Claims Responsibility
A new cybercriminal group known as Skira Team has claimed responsibility for the attack, boasting that they have stolen data from 36 public schools.
CCC has remained largely silent on the matter, failing to respond to press inquiries. However, the company did issue a website notice in January, stating that on December 21, it detected “suspicious activity impacting system operability.” A subsequent investigation revealed that hackers had accessed company systems from December 19 to December 26, extracting files containing:
- Names
- Social Security numbers
- Financial account details
- Driver’s license numbers (in some cases)
- W-2 tax information
- Medical billing data
- Tax filings
Additionally, any beneficiaries’ information provided by employees may also have been compromised.
Class Action Lawsuits and Fallout
With thousands of employees affected, multiple class action lawsuits have already been filed against Carruth Compliance Consulting, and legal firms are actively reaching out to victims.
School districts have been forced to issue their own breach notifications. Seattle Public Schools, for example, warned that all employees from 2008 to 2024 were impacted. Some school districts have already severed ties with CCC over the incident.
More School Hacks in the Spotlight
This breach comes amid another major cyberattack on PowerSchool, a widely used education technology provider. PowerSchool recently admitted that 6,500 of its 18,000 clients were affected in a separate hack disclosed in January.
These back-to-back breaches highlight serious security vulnerabilities in school-related technology services, leaving tens of thousands of educators and staff at risk of identity theft and financial fraud.
Help us bring real change! Corporate lobbying has corrupted our system for too long, and it’s time to take action. Please sign and share this petition—your support is crucial in restoring accountability to our government. Every signature counts! Thank you!
https://www.ipetitions.com/petition/restore-our-republic-end-lobbying
Support truth, health, and preparedness by shopping the Alex Jones Store through our link. Every purchase helps sustain independent voices and earns us a 10% share to fuel our mission. Shop now and make a difference!
https://thealexjonesstore.com?sca_ref=7730615.EU54Mw6oyLATer7a
Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com
Comment on “Massive Cyberattack Exposes Retirement Data of Thousands of Public School Employees”