Hackers have made a ransom demand following a ransomware attack earlier this month that targeted the Los Angeles Unified School District, the district confirmed Tuesday.
Details about the ransom demand and what kind of information, if any, the hackers might be holding were not disclosed. The nation's second-largest school district confirmed the ransom demand, first reported by the Los Angeles Times, to NBCLA.
“We can confirm that there was a demand made,” LAUSD Superintendent Alberto Carvalho said. “There has been no response to the demand.”
He said there have been no new security breaches since the attack over Labor Day weekend, which temporarily interfered with the LAUSD website and email system. The district contacted federal officials that weekend, prompting the White House to mobilize a response from the U.S. Department of Education, the FBI and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, according to the LAUSD.
Get Southern California news, weather forecasts and entertainment stories to your inbox. Sign up for NBC LA newsletters.
Officials described the incident as "likely criminal in nature." The attack required all students and employees to change LAUSD passwords.
Carvalho said the district was attacked with a ransomware tool. Officials detected unusual activity on the Saturday night before Labor Day from an external entity, prompting the district to deactivate all its systems in what officials said was an unprecedented move.
The attack temporarily interfered with the LAUSD website and email system. But officials said employee health care and payroll were not impacted, nor did the cyber incident impact safety and emergency mechanisms in place at schools.
A ransomware extortion attack in Albuquerque’s biggest school district forced schools to close for two days in January. That district's superintendent said the shift to remote learning during the pandemic offered more ways for hackers to access the district’s system.
Ransomware cost American victims an estimated $1.4 billion in 2020, the first year of the pandemic. The attacks usually involve hackers breaking into private computer systems in an effort to encrypt or sometimes steal files to hold for ransom.