Hackers released a cache of data stolen during a cyber attack on the Los Angeles Unified School District (LAUSD) in what appears to be the largest education breach in recent years.
The Russian-speaking group Vice Society, which last month claimed responsibility for the ransomware attack that disrupted LAUSD’s access to email, computer systems and apps, released data stolen from the school district over the weekend. The group had previously set an October 4 deadline for the payment of an unspecified ransom demand.
The stolen data was posted on a community representative’s dark web leak site and appears to contain personally identifiable information, including passport details, Social Security numbers and tax forms. While TechCrunch has not yet reviewed the full set, the published data also contains confidential information including contracts, legal documents, financial reports containing bank account details, health information including COVID-19 test data, past conviction reports, and psychological assessments of students.
The Vice Society, a group known to target schools and the education sector, included a letter with published data that the US Cyber and Infrastructure Security Agency (CISA), the government agency that helps the school respond to the breach, “wasted our time.”
In an email, the community deputy told TechCrunch that CISA had allegedly stopped releasing the data and that CISA was “wrong” when it advised LAUSD not to pay the ransom demand. (CISA and the FBI have long discouraged victims from paying ransoms to not “encourage adversaries to target additional organizations”). “We always delete documents and help restore the network [sic]“We are not talking about companies that pay us,” said the cybercriminals. LAUSD has now lost 500 GB of files.
CISA did not immediately respond to a request for comment.
Alberto Carvalho, supervisor of the LAUSD, confirmed the release of the stolen data in a statement Posted on Twitter On Sunday, along with announcing a new hotline starting Monday morning – (855) 926-1129 – for concerned parents and students to ask questions about the cyber attack.
Just hours before the public release of the stolen data, LAUSD published a statement on Friday confirming that it would not pay the Vice Society’s ransom demand, the amount of which remains unknown.
“It is important to note that this investigation is ongoing,” the statement said. “Los Angeles Unified remains consistent on the need for dollars to be used to fund students and education. Paying the ransom does not guarantee full recovery of data, and Los Angeles Unified believes that public money is better spent on our students rather than surrendering to a nefarious and illegal crime syndicate.”
The LAUSD said it is working with law enforcement “to determine what information has been affected and to whom it belongs.” The district did not say whether it knew what data it expected to release. LAUSD is the second largest district in the United States with over 1,000 schools and 600,000 students.
An LAUSD spokeswoman declined to comment on Friday’s statement.
According to Brett Callow, Emsisoft Threat Analyst, the Society Virus ransomware gang has attacked at least eight other US school districts, colleges and universities so far in 2022. The gang was previously the subject of a warning from the CISA and the FBI, which said that the community vice “targets disproportionately the education sector with ransomware attacks.”
The LAUSD said it “continues to deal” with the cyber attack and is “making progress toward full operational stability of many essential IT services.” Some educational institutions targeted by ransomware never recover: Lincoln College, founded in 1865, recently announced that it was closing its doors after a ransomware attack disrupted the admissions process last December.
from San Jose News Bulletin https://sjnewsbulletin.com/hackers-leak-500gb-of-data-stolen-during-lausd-ransomware-attack-techcrunch/
No comments:
Post a Comment