A crime syndicate that hacked into the Los Angeles Unified School District and stole an undisclosed amount of personal and private information has released that data online, according to the Los Angeles Times and confirmed by the district superintendent.
The hackers had claimed to have stolen more than 500 gigabytes of data from the school district during last month’s hack, although authorities have not yet verified that claim.
The crime group originally set Monday as the deadline for the school district to pay a ransom to keep the data off of the internet, but the data was published ahead of time late Saturday night.
The motive for publishing two days ahead of the established deadline appears to be related to Superintendent Alberto Carvalho publicly announcing that the school district would not pay any ransom to the hackers.
“Paying ransom never guarantees the full recovery of data, and Los Angeles Unified believes public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate,” the district said Friday.
Screenshots viewed and verified by the Times shows the hackers posting a message on the group’s website on the dark web that appear to be taking credit for the hack and ensuing leak and listing the school district as an official partner — or victim — of the group.
The attack and system outage was first reported on Sept. 5, and caused cybersecurity experts and information technology employees to shut down systems in an attempt to remove any traces of the hack.
School resumed following a scheduled day off, at which point the district required IT passwords to be reset in person.
The full extent of the hack remains unclear, but Carvalho has indicated that employee health care and payroll have apparently been impacted.
The Cybersecurity and Infrastructure Security Agency (CISA) has warned other large school districts across the country about the threat of ransomware attacks following the hacking of LAUSD.
LAUSD, along with more than a thousand education and technology leaders across the country, have requested that the Federal Communications Commission authorize the permanent use of existing E-Rate Program funds to “bolster and maintain IT security infrastructure.”
Anyone with questions about the cyberattack can call a dedicated toll-free line at 855-926-1129.
The school district released the following statement Sunday.
“Unfortunately, as expected, data was recently released by a criminal organization. In partnership with law enforcement, our experts are analyzing the full extent of this data release,” the statement reads.
The district also said that a hotline will launch Monday morning for those in the community with questions or in need of additional support regarding the hack. That number is 855-926-1129 and the phone line will be staffed from 6 a.m. to 3:30 p.m. Monday through Friday.