A 19-year-old college student from Massachusetts is facing federal charges for hacking into PowerSchool’s system and triggering a massive 2024 data breach that compromised the private information of millions of teachers, students, and parents in North Carolina.
According to the U.S. Department of Justice, Matthew Lane admitted to his role in the breach and has entered a plea agreement with the federal government. He pleaded guilty to several serious charges, including cyber extortion conspiracy, cyber extortion, unauthorized access to protected computers, and aggravated identity theft.
“This hacker compromised the personal data of millions of people in our state, and I’m glad to see he is being brought to justice,” said Attorney General Jeff Jackson in a statement.
The investigation began in February after a cybersecurity breach in mid-December affected PowerSchool, a company that provides software services to public schools across North Carolina.
The breach exposed sensitive personal information, including Social Security numbers, names, addresses, and in some cases, medical records.
Earlier this month, the North Carolina Department of Public Instruction warned that hackers had started sending extortion emails to victims of the breach, demanding money or threatening to misuse their stolen data.
To protect against further harm, employees, students, and parents are encouraged to enroll in credit monitoring services available through the State Department of Public Instruction’s website. These services help prevent identity theft by blocking unauthorized job applications, credit card use, or changes to personal records.
