Isai RochaThe Los Angeles Unified School District (LAUSD) announced that the hackers who compromised the district’s online infrastructure, have leaked student personal data on the dark web.
LAUSD Superintendent Alberto M. Carvalho held a press conference Monday to address the leaks, after reports that personal information, including social security numbers, had been found on a dark web website.
“Based on what we know today, we are able to confirm that the release was actually even more limited than we had originally anticipated, and based on what we’ve seen, there is at this point no evidence of widespread impact as far as truly sensitive, confidential information,” Carvalho said Monday.
Carvalho said he had made it a point to increase the district’s cyber security since taking over as superintendent this year.
One of the changes was adding additional authentication measures to student logins, something he was surprised was not already in play.
“Shortly after I arrived here, I authorized, based on the request of our head of IT, the implementation of MFA, multi-factor authentication,” Carvalho said. “We authorized that back in July, when I actually learned we did not require MFA in this district.”
While Carvalho said the impact of the leak was minimal, Engadget reported the hackers, who have gone by the name Vice Society, released up to 500 GB of user data on their dark web website.
On the site, the hackers wrote “CISA wasted our time, we waste CISA reputation,” referring to the federal Cybersecurity and Infrastructure Security Agency (CISA).
This would not be CISA’s first run-in with the hacker group, as in early September, the agency posted an online alert titled, “Stop Ransomware: Vice Society.”
In the alert, it was noted that the hackers had been frequently targeting schools and it was possible that they would continue to do so.
“The FBI, CISA, and the MS-ISAC anticipate attacks may increase as the 2022/2023 school year begins and criminal ransomware groups perceive opportunities for successful attacks,” the CISA bulletin read. “School districts with limited cybersecurity capabilities and constrained resources are often the most vulnerable; however, the opportunistic targeting often seen with cyber criminals can still put school districts with robust cybersecurity programs at risk. K-12 institutions may be seen as particularly lucrative targets due to the amount of sensitive student data accessible through school systems or their managed service providers.”
LAUSD has been working with an Independent Information Technology Task Force, consisting of public and private sector cybersecurity experts. The White House has also been involved, with the FBI investigating the incident and monitoring the district’s infrastructure 24/7.
The hack occurred over Labor Day weekend, although it did not affect the daily on-campus operations, allowing schools to reopen as usual the following school day.
The school district has set up a hotline for concerned parents and staff with the number 855-926-1129, available Monday through Friday between 6 a.m. and 3:30 p.m.
Advertising disclosure: We may receive compensation for some of the links in our stories. Thank you for supporting LA Weekly and our advertisers.