2 min read

Student data leaked after LA school district says it won't pay ransom

Graham CLULEY

October 03, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Student data leaked after LA school district says it won't pay ransom

Hackers have leaked data stolen from the United States's second-largest school district, after the Los Angeles Unified School District (LAUSD) announced it would not be giving in to ransom demands.

LAUSD was hit at the start of last month, just before classes were scheduled to resume after the summer break, by the Vice Society ransomware gang, who have been responsible for a series of attacks against the education sector across the country.

Initially it was believed that disruption to the school's email systems and network infrastructure would be the biggest headache following the security breach.  But it has since emerged that Vice Society did most likely exfiltrate sensitive data from LAUSD's systems.

Local media reports have suggested that data stolen and leaked by Vice Society includes confidential psychological assessments of students, contract and legal documents, and business records, amongst other sensitive data.

LA Schools Superintendent Alberto M. Carvalho tweeted out a hotline number for pupils and parents who had questions and concerns following the security breach.

Carvalho had previously said that the school district refused to pay ransoms, adding that "negotiating with cybercriminals attempting to extort education dollars from our kids, teachers, and staff will never be a justifiable option."

In a press release, LAUSD reiterated that it believed giving in to extortionists was wrong:

"Los Angeles Unified remains firm that dollars must be used to fund students and education. Paying ransom never guarantees the full recovery of data, and Los Angeles Unified believes public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate."

On its official leak site, Vice Society claimed that its time had been "wasted" by CISA, the US's Cybersecurity and Infrastructure Security Agency, suggesting that attempts to stall the release of the exfiltrated data had been at least temporarily successful.

tags


Author



Right now

Top posts

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
Cyber Tips for a Spook-Free Halloween

Cyber Tips for a Spook-Free Halloween

October 26, 2022

3 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Royal Ransomware Launches Attacks on US Healthcare Organizations, Government Warns Royal Ransomware Launches Attacks on US Healthcare Organizations, Government Warns
Vlad CONSTANTINESCU

December 09, 2022

2 min read
North Korean APT Group Exploits Internet Explorer Zero-Day Flaw, Google Warns North Korean APT Group Exploits Internet Explorer Zero-Day Flaw, Google Warns
Vlad CONSTANTINESCU

December 08, 2022

2 min read
Medibank Goes Offline to Rebuild Cyber Defenses in Wake of October Hack Medibank Goes Offline to Rebuild Cyber Defenses in Wake of October Hack
Filip TRUȚĂ

December 08, 2022

2 min read