On Friday, the school district announced that it would not be caving to the ransom demands, citing the district’s need to use the funds for students’ education.
“Los Angeles Unified remains firm that dollars must be used to fund students and education,” read a statement released by LAUSD on Friday.
“Paying ransom never guarantees the full recovery of data, and Los Angeles Unified believes public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate.”
The group responsible for the school attack, known as Vice Society, has just today added a link to the stolen data to the “Los Angeles Unified School District” entry on their data leak site.
The US Cybersecurity and Infrastructure Security Agency (CISA), which is helping the school district deal with the attack, is contacted as well.
“CISA wasted our time, we waste CISA reputation,’ reads a message on the Vice Society ransomware data leak site.
In an earlier interview with BleepingComputer, the Vice Society Ransowmare group claimed to have stolen 500 GB of data during the attack, but they did not offer any evidence.
Authorities told NBC Los Angeles that the stolen files include “confidential psychological assessments of students, contract and legal documents, business records, and numerous database entries.”
In the event that personal information was compromised during the attack, LAUSD has stated that it will notify the school community, partners, and employees as well as offer free credit monitoring services. It will take some time to analyse this data, and it’s not uncommon for other threat actors to use information published by ransomware gangs in their own attacks.
This information could be used in phishing attacks, so it’s important for everyone in the education system to be on the lookout. Also, if it turns out that sensitive information like Social Security numbers and passport numbers were leaked, the affected people should immediately freeze their credit to protect themselves from identity theft and financial fraud.
Emsisoft threat analyst Brett Callow claims that the Vice Society ransomware gang has targeted at least eight additional K-12 institutions and higher education institutions in the United States in 2022.