A criminal organization allegedly responsible for a massive ransomware attack against the LAUSD early this month has threatened to release illegally obtained data online, the district announced Friday.
District officials said in a news release they are working with law enforcement to determined what information was impacted and who it belongs to.
Employee healthcare and payroll have apparently been impacted, but safety and emergency mechanisms remain in place, officials said.
“This incident is a firm reminder that cybersecurity threats pose a real risk for school districts across the nation,” Los Angeles Unified School District officials said in the release. “This ransomware attack demonstrates vulnerabilities that leave school districts nationwide susceptible to the significant risk of disruption to instruction, home to school transportation or access to nutritious meals which are catastrophic for students and their learning.”
Following the attack and system outage that targeted LAUSD’s Information Technology infrastructure first reported on Sept. 5, district officials required passwords to be reset in person. The district also created an Independent Information Technology Task Force, made up of cybersecurity experts from top private and public sectors, officials said.
“The task force is examining the viability and validity of previous audits, and will report back with additional enhancements outlined in a final 90-day report,” the release detailed.
Additionally, LAUSD, along with more than a thousand education and technology leaders across the country, have requested that the Federal Communications Commission authorize the permanent use of existing E-Rate Program funds to “bolster and maintain IT security infrastructure.”
Despite the massive attack, officials said instruction and operations for students at the nation’s second largest school district was not interrupted.
LAUSD advised contractors, vendors and workers that they are making sure payments are not further interrupted.
Officials indicated that they will notify other school community partners if their personal information impacted.
Though the investigation into the cyberattack remains ongoing, officials noted that they will not be paying any kind of ransom.
“Paying ransom never guarantees the full recovery of data, and Los Angeles Unified believes public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate,” the release stated.
A toll-free line has been established to answer questions about the incident.
Anyone with additional questions about the incident can call a dedicated toll-free line at 855-926-1129.
Suggest a Correction