A crime syndicate that hacked into the Los Angeles Unified School District and stole an undisclosed amount of personal and private information has released that data online, according to the Los Angeles Times and confirmed by the district superintendent.
The hackers had claimed to have stolen more than 500 gigabytes of data from the school district during last month’s hack, although authorities have not yet verified that claim.
The crime syndicate had set Monday as the deadline for the school district to pay a ransom in order to keep the data off the internet, but the data was published earlier than expected late Saturday night.
The reason for publishing two days ahead of the deadline appears to be related to Superintendent Alberto Carvalho publicly stating that the school district would not pay the hackers’ ransom.
“Paying ransom never guarantees complete data recovery, and Los Angeles Unified believes public dollars are better spent on our students than caving to a nefarious and illicit crime syndicate,” the district said Friday.
Screenshots obtained and verified by the Times show the hackers posting a message on the group’s dark web website taking credit for the hack and subsequent leak and listing the school district as an official partner or victim of the group.
The attack and system outage was first reported on Sept. 5, and caused cybersecurity experts and information technology employees to shut down systems in an attempt to remove any traces of the hack.
School resumed following a scheduled day off, at which point the district required IT passwords to be reset in person.
The full extent of the hack remains unclear, but Carvalho has indicated that employee health care and payroll have apparently been impacted.
Following the hacking of LAUSD, the Cybersecurity and Infrastructure Security Agency (CISA) has warned other large school districts across the country about the threat of ransomware attacks.
LAUSD, along with over a thousand other education and technology leaders across the country, has asked the FCC to allow the permanent use of existing E-Rate Program funds to “bolster and maintain IT security infrastructure.”
Anyone with questions about the cyberattack can call a dedicated toll-free line at 855-926-1129.
Officials also urge people to follow LAUSD on its Twitter and Facebook pages for updates.
Les damos las gracias a nuestros estudiantes, familias y empleados por poner de su parte durante la recuperación continua de este ciberataque. pic.twitter.com/PpXh6iO628
— Alberto M. Carvalho (@LAUSDSup) October 2, 2022
The school district released the following statement Sunday.