Current News



Hackers release data after LA school district refuses to pay ransom

Howard Blume, Los Angeles Times on

Published in News & Features

LOS ANGELES — Hackers released data from the Los Angeles school district on Saturday, a day after Superintendent Albert Carvalho said he would not negotiate with or pay a ransom to the criminal syndicate.

Some screenshots from the hack were reviewed by the Los Angeles Times and appear to show some Social Security numbers. But the full extent of the release remains unclear.

The release of data came two days earlier than the deadline set by the syndicate that calls itself Vice Society — and happened in apparent response to what it took as Carvalho's final answer regarding whether the district would pay the hackers to prevent the release of private information and also to receive decryption keys to unlock some district computer systems.

"What I can tell you is that the demand — any demand — would be absurd," Carvalho told the Times on Friday. "But this level of demand was, quite frankly, insulting. And we're not about to enter into negotiations with that type of entity."

In a statement released later that day, he added: "Paying ransom never guarantees the full recovery of data, and Los Angeles Unified believes public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate."

The extent of the data theft is now being evaluated by federal and local authorities.


Carvalho said on Friday that he believed confidential information of employees was not stolen. He was less certain about information related to students, which could include names, grades, course schedules, disciplinary records and disability status.

Whatever the case, he said, the district will provide assistance to anyone who is potentially harmed by the release of data, including by setting up an "incident response" line at (855) 926-1129. Its hours of operation are 6 a.m. to 3:30 p.m., Monday through Friday, excluding major U.S. holidays.

Since the attack, which was discovered on Sept. 3, the nation's second-largest school district has worked closely with local law enforcement, the FBI and the federal Cybersecurity and Infrastructure Security Agency or CISA.

CISA posted a warning to education institutions about Vice Society immediately after the LAUSD attack without directly confirming that the syndicate was responsible for it.


swipe to next page
©2022 Los Angeles Times. Visit Distributed by Tribune Content Agency, LLC.


blog comments powered by Disqus