Data and documents taken from the Los Angeles Unified School District during a hack earlier this month were leaked by the Vice Society Ransomware group on Sunday morning. In a message shared on Twitter, LAUSD superintendent Alberto M. Carvalho acknowledged the exposure of stolen data and announced opening a new hotline for worried parents and students. They can call 855-926-1129.
“Unfortunately, as expected, data was recently released by a criminal organization. In partnership with law enforcement, our experts are analyzing the full extent of this data release,” Carvalho tweeted. The data was made available to the public after the school system’s announcement on Friday that they would not be caving into the ransom demands and that the district could better spend the money for students and their education.
“Los Angeles Unified remains firm that dollars must be used to fund students and education,” read a statement by LAUSD. The total recovery of data is never guaranteed by paying a ransom, and Los Angeles Unified thinks public funds would be better spent on our children than on caving into a vicious and illegal crime syndicate.
The Vice Society gang, responsible for the attack on the school system, just included a link to the stolen data for the Los Angeles Unified School District entry on their data leak website. A note was also addressed to the US Cybersecurity and Infrastructure Security Agency (CISA), helping the school system respond to the incident. On the Vice Society ransomware data leak website, there is a note that says, “CISA wasted our time, we wasted CISA reputation.”
The Vice Society Ransomware group claimed to have stolen 500 GB of data during the hack but had not yet offered any supporting documentation. The names of certain files from the exposed data, such as “ssn,” “Secret and Confidential,” “Passport,” and “Incident,” suggest that they could contain sensitive information.
The disclosed documents also contain “confidential psychological assessments of students, contract and legal agreements, business records, and numerous database entries,” a law enforcement source told NBC Los Angeles. In the past, LAUSD has said that it will offer free credit monitoring services and notify any school community members, business partners, or workers if their personal information is compromised.
It will take some time to analyze this material, and it’s not unusual for other threat actors to use information released by ransomware groups in their attacks. As a result, all schoolchildren, parents, and employees should exercise caution around phishing efforts using this data.
Furthermore, it is strongly urged that anyone impacted lock their credit to prevent identity theft or financial fraud if it turns out that Social Security Numbers and passports have been disclosed. The Vice Society ransomware group hit at least eight other US school districts and colleges/universities in 2022, claims Brett Callow, a threat analyst at Emsisoft.