According to sources, Los Angeles Unified School District (a Education organization in California) was hit with a cyber attack. It was first reported on 2022-10-03.
Source 1 | 2022-10-03
“That’s how researchers at Check Point on Monday described the data and documents reportedly released Sunday by the Vice Society ransomware gang after the Los Angeles Unified School District refused to pay a ransom following the group’s attack on LAUSD in September.“
“Den Jones, CSO at Banyan Security, said the general rule is that most professionals — law enforcement included — will recommend not to pay any ransom when infected with ransomware. Jones said the LAUSD is correct in following this protocol, and for having reported the breach to the U.S. government. Jones added when organizations report to federal agencies such as CISA, the FBI or the U.S. Secret Service, other agencies are also notified.“
“LAUSD Superintendent Alberto Carvalho made the district’s position clear in a Tweet on Monday, when he said: “I understand there will be many opinions on this matter but, simply said, negotiating with cybercriminals attempting to extort education dollars from our kids, teachers, and staff will never be a justifiable option. LAUSD refuses to pay ransom.” Den Jones, CSO at Banyan Security, said the general rule is that most professionals — law enforcement included — will recommend not to pay any ransom when infected with ransomware. Jones said the LAUSD is correct in following this protocol, and for having reported the breach to the U.S. government. Jones added when organizations report to federal agencies such as CISA, the FBI or the U.S. Secret Service, other agencies are also notified.“
Source 2 | 2023-01-20
“Los Angeles Unified School District (LAUSD), the second-largest school district in the United States, says the Vice Society ransomware gang has stolen files containing contractors' personal information, including Social Security Numbers (SSNs). LAUSD also revealed that the threat actors were active in its network for over two months, between July 31, 2022, and September 3, 2022.“
“Through our ongoing investigation, we determined that between July 31, 2022, and September 3, 2022, an unauthorized actor accessed and acquired certain files maintained on our servers," the school district said in data breach notification letters sent to affected individuals.“
“While reviewing the data stolen during the two-month-long security breach, LAUSD discovered payroll records and other labor-related documents that included SSNs and impacted peoples' names and home addresses. On January 9, 2023, we identified labor compliance documents, including certified payroll records, that contractors provided to L.A. Unified in connection with Facilities Services Division projects," LAUSD said. “
Source 3 | 2023-02-22
“Detailed and highly sensitive mental health records of hundreds — and likely thousands — of former Los Angeles students were published online after the city’s school district fell victim to a massive ransomware attack last year, an investigation by The 74 has revealed. “
“The student psychological evaluations, published to a “dark web” leak site by the Russian-speaking ransomware gang Vice Society, offer a startling degree of personally identifiable information about students who received special education services, including their detailed medical histories, academic performance and disciplinary records. “
“But people are likely unaware their sensitive information is readily available online because the Los Angeles Unified School District hasn’t alerted them, a district spokesperson confirmed, and leaders haven’t acknowledged the trove of records even exists. In contrast, the district publicly acknowledged last month that the sensitive information of district contractors had been leaked. “
Cybersecurity for Critical Infrastructure
SecuLore provides Managed Detection and Response (MDR) to protect our nation’s critical infrastructure from cyber threats. Our expertise is built on deep knowledge of 9-1-1 technology, cyberwarfare, and ethical hacking, ensuring the highest level of cybersecurity for public safety agencies.
