Los Angeles Unified School District Suffers One of the Biggest Education Breaches in History
Table of Contents
- By Miguel
- Oct 03, 2022
Los Angeles Unified School District (LAUSD) is the second largest school district in the U.S., with over 1,000 schools and 600,000 students. This leak is not just one of the biggest in education history, but perhaps the biggest ever.
How Did the Attack Occur?
The hack was a ransomware attack that occurred on September 3rd, 2022. The hackers are a Russian-speaking group known as Vice Society. Vice Society has targeted eight schools in 2022 alone, with one of these attacks resulting in the school’s closing.
Lincoln College, established in 1865, closed its doors in May 2022 after being victimized by this ransomware group. The hackers claimed to have over 500GBs (gigabytes) of data.
What Information Was Viewed or Stolen?
The stolen information is vast, having the opportunity to harm many students. The data that Vice Society leaked onto their dark website includes social security numbers (SSN), passport information, tax forms, and psychological assessments of the children.
The ability to access this information is only reliant on the knowledge of the bad actor; if they can get onto the dark web, they can access the data of countless children and teachers.
How Did the District Admit to the Breach?
The district announced the breach when they shut down all of their systems and made students, teachers, and administrators reset their passwords. It took almost twenty-four hours for the systems to go back online.
Many teachers immediately felt the breach’s impact, seeing as much of their coursework and lesson plans are digitally based. The district held many press conferences following the attack, assuring parents and students that the school district would do everything it could to protect students and teachers.
What Will Become of the Stolen Information?
The Vice Society leaked the stolen information on Saturday, October 1st, 2022, two days before the ransom deadline. This followed the school district’s superintendent, Alberto Carvalho’s statement:
“Los Angeles Unified remains firm that dollars must be used to fund students and education. Paying ransom never guarantees the full recovery of data, and Los Angeles Unified believes public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate.”
The files were leaked late on Saturday. Vice Society contacted TechCrunch, saying, “We always delete documents and help to restore network [sic], we don’t talk about companies that paid us. Now LAUSD has lost 500GB of files.” The amount of the ransom was never released to the public.
What Should Affected Parties Do in the Aftermath of the Breach?
Anyone within the LAUSD may have had much of their data released. The affected parties should do everything possible to keep themselves and their loved ones safe. Download internet protection software, change any passwords related to the accounts, and mind credit and debit accounts that had anything to do with the school district.