Alberto M. Carvalho, the LAUSD’s superintendent, confirmed that the published data and documents are from the school system’s breach and launched a hotline for the victims.
Parents and students that are affected by the cyberattack can call 855-926-1129 for more information.
“Unfortunately, as expected, data was recently released by a criminal organization. In partnership with law enforcement, our experts are analyzing the full extent of this data release,” tweeted Carvalho who collaborates with US Cybersecurity and Infrastructure Security Agency (CISA) in investigating this incident.
Thank you to our students, families and employees for doing their part in the ongoing recovery from this cyberattack. pic.twitter.com/K8VhiFmSbL
On Friday, 30 September 2022, LAUSD publicly announced that they would not pay the ransom demanded by the hackers.
“Los Angeles Unified remains firm that dollars must be used to fund students and education. Paying ransom never guarantees the full recovery of data, and Los Angeles Unified believes public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate.”, said the school system in a statement.
As a consequence, the Vice Society gang posted a link with the exfiltrated data on their data leak site, a few days later. The post also included a message for CISA: “CISA wasted our time, we waste CISA reputation.”
What Data Was Leaked
The Vice Society ransomware gang claims to have stolen 500 GB of data, and some of the leaked folders may contain important information, having names like “ssn”, “Secret and Confidential”, “Passport”, and “Incident”, according to BleepingComputer.
Another source warned on NBC Los Angeles that the stolen data includes “confidential psychological assessments of students, contract and legal documents, business records, and numerous database entries.”
Although analyzing the leaked data will take time, LAUSD took the engagement to notify those whose data wore exposed due to this attack, and to provide a free credit card monitoring service.
All possible victims are urged to stay vigilant in case of potential phishing attacks as the exposed data could be used in further phishing campaigns. And in the case that Social Security Numbers and passports have been exposed, the affected persons are advised to prevent identity theft or financial fraud by freezing their credit.
Andreea is a digital content creator within Heimdal® with a great belief in the educational power of content. A literature-born cybersecurity enthusiast (through all those SF novels…), she loves to bring her ONG, cultural, and media background to this job.