LA School District Ransomware Attackers Now Threaten to Leak Stolen Data

The clock is ticking for the Los Angeles Unified School District (LAUSD) – the second largest in the country. After a ransomware attack at the beginning of the month, it has now been given an ultimatum: meet Vice Society’s demands for ransom or have their data released to the public so that anyone, including phishers and other cybercriminals, can access it.

Brett Callow, a threat analyst for Emsisoft, shared a screenshot of Vice Society leak site showing that the ransomware group is threatening to publish the goods in a few days.

“The papers will be published on 4 October 2022 at 12:00 London time,” the announcement read.

The district has not provided an update on the types of information the cyber attackers are threatening to release, a district parent told Dark Reading.

“I wish they had sent out a notice about what personal information about our children and ourselves might be included in this planned release,” she says. “And if we could do anything to reduce the damage.”

LAUSD refuses to pay ransom

The school district acknowledged the attack in a statement on Sept. 5 and said it was working with law enforcement to investigate the breach. Los Angeles Unified School District Superintendent Alberto Carvalho confirmed that a ransomware claim was made after the cyber attack was announced and that the district did not pay.

“We can confirm that there was a claim,” Carvalho said during a Sept. 20 interview with the Los Angeles Times. “There has been no response to the claim.”

As of press time, all the systems used by parents and students are fully functional, the district parent confirmed.

“I generally support how the district handled the breach — they brought in the Feds right away and were adamant about not paying the ransom,” she says. “I could quibble here and there about communication and the actual implementation of the password reset, but all things considered they’ve done ok.”

The LAUSD hit was part of a series of ransomware attacks against schools by the Vice Society, which hoped to take advantage of the busy back-to-school season.

The wave of attacks in early September also prompted the Cybersecurity and Infrastructure Agency (CISA) to issue a warning about the Vice Society’s campaign against educational institutions.


Leave a Reply

Your email address will not be published.