Threat actors leaked data stolen from the Los Angeles Unified School District (LAUSD) on Sunday, the United States’s second-largest school district, after it announced that it would not be giving in to ransom demands.
LAUSD was first hit early last month, just before classes were scheduled to start up again after the summer break. Vice Society ransomware gang claimed responsibility for the attack, and has been responsible for various attacks against the education sector across the country over the past few months.
It was initially believed that disruption to the school’s email systems and network infrastructure would have the largest impact following the security breach. However, it has since emerged that Vice Society did most likely steal sensitive data from LAUSD’s systems.
Local media reports suggested that the data stolen and leaked by Vice Society included confidential psychological assessments of students, contract and legal documents, business records, and other sensitive data.
Following the security breach, LA Schools Superintendent Alberto M. Carvalho tweeted out a hotline number on Sunday for students and parents who had any questions and concerns.
Carvalho previously said that the school district refused to pay any ransoms, and added that “negotiating with cybercriminals attempting to extort education dollars from our kids, teachers, and staff will never be a justifiable option.”
In a press release last week, LAUSD maintained that it believed giving in to extortionists was wrong.
“Los Angeles Unified remains firm that dollars must be used to fund students and education,” the school district added. “Paying ransom never guarantees the full recovery of data, and Los Angeles Unified believes public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate.”
Vice Society claimed on its official website that its time had been “wasted” by the US’s Cybersecurity and Infrastructure Security Agency (CISA), which suggests that attempts to slow down the release of stolen data had been at least somewhat successful.
Late last month, the South Redford School District in Michigan was forced to cancel classes for two straight days after its computer system was also infiltrated in a cyber attack.