Supply chain
Dozens of public schools across the USA Third-Party Breach (March 2025)
Incident Details
Thousands of public school workers impacted by cyberattack on retirement plan administrator.

A December 2024 cyberattack on a prominent administrator for retirement plans has exposed the information of thousands of public school teachers and employees across the U.S. Dozens of public schools across the country reported data breaches to regulators in Maine, Massachusetts, Vermont and several other states this week, warning that sensitive data was stolen through Carruth Compliance Consulting, a company that provides third-party administrative services to public school districts and non-profit organizations for their 403(b) and 457(b) retirement savings plans.

Third-party company: Carruth Compliance Consulting.
Technical Details
- Initial Attack Vector
- Compromise of third-party service provider / vendor relationship
- Vendor / Product
- Carruth Compliance Consulting
- Supply Chain Attack
- Confirmed third-party / vendor compromise
Timeline
- 2025-03-01 Breach occurred
- 2025-03-06 Publicly disclosed