Hello. Education software provider PowerSchool said it paid a ransom to hackers who stole data on school students, teachers and others from its system last year. 

The company made the statement after several school districts said hackers had been contacting them directly with data from the breach, demanding more money. A person familiar with the investigation said it wasn’t clear if this was the same group that initially stole the data. Read our full story.

More news below. 

Correction: Cloud-security company Datadog estimated fiscal 2025 revenue will be $3.22 billion to $3.24 billion, up from $3.18 billion to $3.2 billion. An item in Wednesday’s newsletter gave the figures in millions.

• “The No. 1 thing I’m looking for from the federal government is to hold somebody accountable for what [hackers] do,” said Tom Wilson, who until earlier this year was chief information security officer at gas and electric utility Southern Co. (WSJ Pro Cybersecurity)

New Russian malware: Information-stealing malware called LostKeys is linked to a Russian hacking group known as Cold River, cybersecurity researchers at Google said Wednesday. LostKeys can also send information about systems it targets back to people who launch it, Google said. Cold River primarily goes after government intelligence, NATO, military and similar targets. (Reuters)

Israeli spyware provider NSO Group must pay $167 million to Meta for crimes related to hacking WhatsApp accounts, a California jury ruled. WhatsApp, which Meta acquired in 2014, sued NSO in 2019, accusing it of breaking into WhatsApp servers and secretly deploying its Pegasus spyware on targeted user accounts.

• NSO said it is considering the verdict and whether to pursue further legal remedies. (New York Times)

Patients of Esse Health in St. Louis, Mo., are seeing appointments canceled or rescheduled as the healthcare system deals with a cyberattack that struck in April. Some medical records are unavailable and phone systems are down. Esse runs nearly 50 facilities across the state. (FirstAlert4)

CrowdStrike plans to cut 5% of its workforce, or about 500 people, and will begin meeting with those affected this week. It will continue to hire customer-facing and product-engineering roles. 

• The company expects to incur $36 million to $56 million in charges tied to severance payments, employee benefits and non-cash charges for stock-based compensation. (WSJ)

Network-security vendor Fortinet beat earnings estimates for its fiscal first quarter of 2025 with revenue of $1.54 billion, up 14% compared to the same period a year earlier. Fortinet's guidance for the second quarter in the midrange of analyst expectations. (Silicon Angle)

Application security company Ox Security raised $60 million in a Series B funding round led by DTCP with participation from IBM Ventures, Microsoft, Swisscom Ventures, Evolution Equity Partners and Team8.

The WSJ Pro Cybersecurity team is Deputy Editor Kim S. Nash and reporters Angus Loten, James Rundle and Catherine Stupp. Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.