Hackers Release L.A. School District Data Over Failure To Pay Ransom, Officials Say

Topline

Hackers on Saturday leaked data stolen from the Los Angeles Unified School District—the second-largest public school system in the country—after officials refused to pay a ransom to the group behind the cyberattack, the district said Sunday, the latest in a series of ransomware attacks over the past few years.

Key Facts

The extent of the leak remains unclear as the district and law enforcement investigate, the school system said, but screenshots seen by the Los Angeles Times appeared to show some Social Security numbers among the stolen information.

LAUSD Superintendent Albert Carvalho told the Los Angeles Times Friday he did not believe confidential information of district employees had been stolen, but was “less certain” when it came to students’ information, like names, grades, schedules and disciplinary records, according to the newspaper.

Carvalho said in a statement Friday he did not believe employee healthcare or payroll information had been impacted, and said the district’s safety and emergency mechanisms remain in place.

The district first disclosed it was hit by a ransomware attack over Labor Day weekend, and the district said Friday it refused to pay the ransom demand because paying up “never guarantees the full recovery of data.”

The district has set up a hotline that will go live Monday morning to answer questions about the attack and offer support to people who have been affected, Carvalho said, after saying last week the district expects to provide credit monitoring services for impacted individuals.

The district has declined to name the hackers responsible or the amount of money they demanded as ransom, but an online crime syndicate that calls itself the Vice Society took credit for the attack and claimed to have seized 500 gigabytes of data.

Crucial Quote

“Paying ransom never guarantees the full recovery of data, and Los Angeles Unified believes public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate. We continue to make progress toward full operational stability for several core information technology services,” the district said in a Friday statement.

Big Number

1,043. That’s how many schools were targeted in ransomware attacks last year, according to a 2022 report from Emsisoft, a digital security firm.

Key Background

At least 27 U.S. school districts and 28 universities have fallen victim to cyberattacks this year alone, cybersecurity expert Brett Callow, a threat analyst at Emsisoft, told the Los Angeles Times. By Callow’s count, at least 36 of those data stolen that was later released online, and at least two districts and one college paid their attackers’ ransoms. The number of cyberattacks facing U.S. organizations has increased dramatically over the past few years, and in 2020 alone ransom victims paid a collective $350 million in order to regain access to their hacked systems, cryptocurrency tracker Chainalysis told CNN last year. Attacks on education and research institutions have particularly increased. Last year, high-profile ransomware targets included a key U.S. gasoline pipeline and a large meat supplier, forcing both companies to curtail their operations before later handing over millions of dollars in ransom payments.

Further Reading

Hackers release data after LAUSD refuses to pay ransom (Los Angeles Times)

Here Are Some Of The Major Hacks The U.S. Blamed On Russia In The Last Year (Forbes)