Los Angeles Unified School District (LAUSD) announced who the hackers were. It has violated the online infrastructure of the districtThey have released a student’s personal information on the dark web.
LAUSD Superintendent Alberto M. Carvalho held a press conference Monday to address the leaks after reports that personal information, including Social Security numbers, were found on a dark web site.
Based on what we know today, we’ve been able to confirm that the release was more limited than we originally expected, and based on what we’ve seen, there’s no evidence that it’s truly widespread at this point. Confidential, confidential information,” Carvalho said Monday.
Carvalho said it was important to improve the district’s cybersecurity after taking over as superintendent this year.
One of the changes was adding more verification steps to student logins, something he was surprised wasn’t already in the game.
“Shortly after I got here, I based our head of IT’s request, the MFA, on multi-factor authentication,” Carvalho said. “When I found out we didn’t want an MFA in this district, we approved it in July.”
While Carvalho said the impact of the leak was minimal, Engage reported that the hackers, who went by the name Vice Society, released up to 500 GB of user data on their dark web site.
On the site, the hackers wrote, referring to the Federal Cyber Security and Infrastructure Security Agency (CISA), “CIA has wasted our time, we will discredit CIS.”
At the beginning of September, according to the agency, this is not the first time that CISA enters the hacker group It issued an online alert titled“Stop Ransomware: The Vice Community.
In the alert, it was pointed out that hackers have frequently targeted schools and may continue to do so.
FBI, CISA and MS-ISAC attacks are likely to increase as the 2022/2023 school year begins and criminal ransomware groups realize opportunities for successful attacks, CISA’s announcement read. “School districts with limited cybersecurity capabilities and limited resources are often the most vulnerable; however, the opportunistic targeting often seen with cybercriminals can still jeopardize schools with robust cybersecurity programs. Privacy through school systems or their managed service providers.” K-12 institutions can be seen as particularly lucrative targets because of the amount of student data available.
LAUSD is working with an independent Information Technology Task Force comprised of public and private sector cybersecurity experts. The White House is also involved, with the FBI investigating the incident and monitoring the circuit’s infrastructure 24/7.
The hack occurred over Labor Day weekend, and although it did not affect daily campus operations, it did allow schools to open as normal the following school day.
The school district has set up a hotline for concerned parents and staff at 855-926-1129, Monday through Friday, 6 a.m. to 3:30 p.m.
Advertising Disclosure: We may receive compensation for some of the links in our stories. Thank you to LA Weekly and our advertisers for supporting us.