According to reports, the data dump included sensitive identifying information such as social security numbers, passport information, and tax form details
Last month, the Ransomware group Vice Society hacked the Los Angeles Unified School District, the country's second largest, paralyzing the computer system. The criminals sought money for the return of the stolen data two weeks after the original attack.
Vice Society has now made good on its threat, publishing 500 GB of data on its leak site on Saturday. Alberto Carvalho, the superintendent of the district, previously told the Los Angeles Times that he did not believe any confidential personnel information had been stolen. However, the data release on Saturday appears to contradict that story, while the entire scope of the leak's impact is unknown.
According to the Los Angeles Times, some of the documents released online include confidential information from school facility personnel as well as tax forms with sensitive identifying information such as social security numbers.
According to Bleeping Computer, there were further folders in the data dump that appeared to contain passport information, as well as others tagged "Secret and Confidential." According to police, some of the papers now available on Vice Society's leak site include student psychological exams, contracts, and business information.
Although the hackers had stated that the data would be released pending ransom on October 3, the data was released on Saturday, one day after Carvalho stated that the district would not be paying or negotiating with the hackers. According to an earlier LA Times report:
"What I can tell you is that any demand would be ludicrous," Carvalho stated. "However, the level of demand was, to put it mildly, insulting." And we're not going to negotiate with that type of entity."
"Paying ransom never ensures the full recovery of data, and Los Angeles Unified believes public resources are better spent on our children rather than capitulating to a sinister and illegitimate crime syndicate," he said later in a statement.
Carvalho issued another remark following the release of the data. "In collaboration with law enforcement, our experts are assessing the full scope of this data release," he said, before directing concerned members of the community to a newly established incident response hotline.
Thank you to our students, families and employees for doing their part in the ongoing recovery from this cyberattack. pic.twitter.com/K8VhiFmSbL
— Alberto M. Carvalho (@LAUSDSup) October 2, 2022
According to a statement sent by the district on Friday, LAUSD is conducting an internal investigation into the attack and plans to issue a cybersecurity report within 90 days. "To our school community and partners, we will keep you updated when new information becomes available, and we will notify you if your personal information is affected, as necessary." "We also anticipate to provide credit monitoring services to impacted people as needed," the statement stated.
"This event serves as a stark warning that cybersecurity attacks pose a genuine concern to school districts across the country." Los Angeles Unified is not the first public school district to be targeted, and it will not be the last, according to the news release. The statement requested the FCC to permit the use of E-Rate Program monies to improve security and IT infrastructure.
The LA Unified School District includes over 1,000 schools and about 600,000 pupils. It is the largest school district in the United States and is only second in size to New York City Public Schools... thus far. School district and other educational institution hacking has become more widespread in recent years. According to Emsisoft, ransomware assaults targeted 62 districts and 26 colleges in 2021 alone.
#Hacker #ViceSociety #LAUSD #AlbertoCarvalho #LosAngleles #NewYork
SOURCE: gizmodo
What do you think of this blog? Write down at the COMMENT section below.
No comments:
Post a Comment