Matthew D. Lane

Also known asMatthew D. LaneMatthew D. Lane (alleged)Matthew Lane (PowerSchool hacker)matthew_lane

Matthew Lane is a Massachusetts-based individual charged and convicted for cyber extortion and aggravated identity theft, including intrusions against PowerSchool and a U.S. telecommunications company. Aliases mentioned in the source include matthew_d_lane, matthew_d_lane_(alleged), matthew_lane, and matthew_lane_(powerschool_hacker). According to the content, Lane pleaded guilty in May 2025 and was later sentenced to four years in prison. Prosecutors had sought a longer sentence and recommended restitution exceeding US$14 million; the court ordered approximately US$14.1 million in restitution and a US$25,000 fine. The PowerSchool intrusion exposed data from about 70 million students and faculty members and was described by prosecutors as the largest known data breach involving American schoolchildren. The content states that Lane threatened to leak stolen PowerSchool data unless the company paid a ransom of nearly US$2.9 million, which PowerSchool ultimately paid. Prosecutors also said his activity reflected a pattern of cyberattacks dating back to 2021. No nation-state affiliation is mentioned in the provided content.

Are they targeting you?

Know when an actor pivots toward your sector

Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.

Start free trial

ACTIVITY FEED

Recent activity

2 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

2 SOURCESView more in app

scworldNews

Oct 16, 2025

PowerSchool hacker jailed for four years

Matthew Lane conducted a major data breach against PowerSchool, exposing data from 70 million students and faculty. He demanded a ransom of nearly $2.9 million, which was paid, and threatened to leak the data if not paid. He also breached a U.S. telecom firm and has a pattern of cyberattacks dating back to 2021.

scworldNews

Oct 16, 2025

AI, EDR, and Hacking Things – PSW #896

Matthew Lane conducted cyber extortion and identity theft attacks against a US telecommunications company and a cloud-based software company (PowerSchool), compromising multiple companies since 2021.

What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: sector and geo overlap with your footprint, the IOCs they’re burning right now, detection coverage, and what to do next.

Start free trial

Target overlap

Match sector + geo + tech-stack targeting against your real footprint.

Tradecraft mapping

Every observed MITRE ATT&CK technique, grouped by tactic.

Malware arsenal

Families this actor is known to deploy, with IOCs and behavior.

Exploited CVEs

CVEs this actor has used in known campaigns.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Observables

Domains, IPs, and hashes tied to this actor, refreshed continuously.