LAUSD

LAUSD Creates Hotline After Stolen Data Posted by Ransomware Group

Student, staff and business files taken in a failed ransomware attack against the LA Unified School District began to appear on the dark web Sunday.

NBC Universal, Inc.

LA Unified first announced the hack, which largely failed, on Sept. 6 of this year. Eric Leonard reports for Today in LA on Sunday, Oct. 2, 2022.

The ransomware gang Vice Society began posting Sunday thousands of files it apparently stole last month from the LA Unified School District's computer systems during a failed ransomware cyber-attack.

According to a law enforcement source familiar with the investigation the files made public on the group's known website included some confidential psychological assessments of students, contract and legal documents, business records, and numerous database entries.

A portion of the data appeared to contain personal identifying information, including some social security numbers, the source said.

Around 11:15 a.m. on Sunday, LAUSD Superintendent Alberto Carvalho tweeted out a statement on behalf of the school district in response to the posts. The statement included a hotline parents and staff can call with questions about the incident.

"Thank you to our students, families and employees for doing their part in the ongoing recovery from this cyberattack," Carvalho said.

"We have set up a hotline, available starting tomorrow morning at 6 a.m. PT," the statement said. "This hotline will assist those from our school communities who may have questions or need additional support."

The hotline is available between 6 a.m. and 3:30 p.m. PT, Monday through Friday, by calling 855-926-1129.

LAUSD had initially declined to comment on the data release or its contents early Sunday, and referred back to a public statement Friday that confirmed a threat to release the files posted late last week was legitimate and promised additional information once the impact of the data breach was known.

“Paying ransom never guarantees the full recovery of data, and Los Angeles Unified believes public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate,” the statement said.

The LA Times reported that Carvalho said there was a demand for payment, which was not included in the District’s statements to the public.

“But this level of demand was, quite frankly, insulting,” Carvalho told the Times. “And we’re not about to enter into negotiations with that type of entity.”

The Vice Society site included a message Sunday that said, "CISA wasted our time, we waste CISA reputation," near a link to download the LAUSD files.

The group posted last week that it intended to release the stolen files on Tuesday.

CISA is the acronym for the federal cyber-security agency that published a national warning in early September about Vice Society targeting educational institutions.

The LAUSD said in its statement Friday that it would provide an update in the event the stolen material was released.

“To our school community and partners, we will update you when we have relevant information, and notify you if your personal information is impacted, as appropriate,” the District said.

“We also expect to provide credit monitoring services, as appropriate, to impacted individuals. We will have more to share about how to sign up for credit monitoring services in the coming days,” the statement said.

Exit mobile version