Los Angeles Unified School District creates hotline after data leaked by ransomware group

The Los Angeles Unified School District (LAUSD) has created a hotline after personally identifiable information of students, faculty and staff started being posted on the dark web. The ransomware group “Vice Society” had set a Monday deadline for paying the ransom. But, perhaps in an attempt to further embarrass the school district, the ransomware group decided to post thousands of files early on Sunday, October 2nd.

As first reported by NBC Los Angeles, LAUSD Superintendent Alberto Carvalho announced the creation of the hotline for victims of the ransomware attack.

The original breach occurred in September from the LA Unified School District’s computers. The data leaked includes personally identifiable information, confidential psychological assessments of students, legal documents, and databases.

LAUSD: Playing with fire?

Early on Sunday, October 2nd, the LAUSD originally declined to make any statement on the leak of thousands of files now on the dark web by Vice Society. The LAUSD was subsequently pressed for acknowledgement and a response to the leak, and by 11:15am, Carvalho shared the news of the hotline to all affected individuals.

The LAUSD has remained adamant in public statements that they would not pay the ransom—as is recommended by law enforcement agencies like the Federal Bureau of Investigations—as there is no guarantee paying the ransom would unencrypt the data and restore operations.

“This level of demand was, quite frankly, insulting,” Carvalho commented on Vice Society’s demands.

“Paying ransom never guarantees the full recovery of data, and Los Angeles Unified believes public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate,” Carvalho continued.

“And we’re not about to enter into negotiations with that type of entity,” Carvalho concludes.

But, publicly refusing to pay the ransom in repeated public statements has seemed to antagonize the cyber criminal gang, leading to the early data leak as a proof of intent.

Vice Society responded in kind on Sunday stating, “CISA wasted our time, we waste CISA reputation,” referring to the Cybersecurity and Infrastructure Security Agency.

The comment was made next to a link to download the LAUSD file dump.

The deadline expires by tonight for the ransom to be paid—and if not, we’ll likely see a full release of LAUSD data by tomorrow.


Discover more from Cybersecurity Careers Blog

Subscribe to get the latest posts sent to your email.