Los Angelis Unified School District (LAUSD) is one of the largest school districts in the U.S., second only to the New York City Public Schools district. LAUSD has over 600,000 students divided into over 1,000 schools.
The breach was a ransomware attack by a Russian-speaking group called Vice Society. Vice society demanded a ransom – the amount unknown to the public – and when the LAUSD refused their “fee,” they leaked over 500GBs of data. That’s over 15 low-storage Android phones.
The LAUSD did not release the method of the breach, and it could have been anything from a phishing campaign to a dark web attack to an overly simple password on the part of an administrator. Vice Society initially gave the school district until Monday, October 3rd, 2022, to pay the demanded ransom. Still, when superintendent Alberto Carvalho stated in no uncertain terms that the school would not pay the ransom, Vice Society leaked the information two days ahead of schedule.
This breach occurred on September 3rd, 2022.
The breach could impact anyone within the LAUSD. Students, parents, teachers, administrators, and board members could all be affected. Anyone who had ties to the school, most likely including former students, could now have their personal information floating around on the dark web.
The number of files has not yet been released to the public. We know that the leaked files include names, payment information, social security numbers, and psychological evaluations of students, plus tax information and other types of records that the district had on file. This means that any bad actors with access to the dark web could easily steal the identity of the affected individuals. To find out more, read Los Angeles Unified School District Suffers One of the Biggest Education Breaches in History.