Los Angeles Unified School District Probes Alleged Data Theft: Unraveling the Shocking Truth

Imagine this: you’re a parent of a student in the Los Angeles Unified School District (LAUSD), the second-largest public school district in the United States. You hear that a threat actor is claiming to be selling stolen databases containing records of millions of students and thousands of teachers. What would you do? How would you feel?

Well, that’s exactly what’s happening right now. LAUSD, which had over 25,900 teachers, around 48,700 other employees, and more than 563,000 students enrolled during the 2023-2024 school year, is currently investigating these claims.

A whopping 11GB of data for sale

The threat actor is offering the allegedly stolen data for $1,000 on a hacking forum. The CSV files up for grabs contain over 11GB of data, including more than 26 million student records, over 24,000 teacher records, and around 500 staff records, as first spotted by Dark Web Informer.

As proof of the data’s legitimacy, the threat actor shared two samples containing roughly 1,000 student records with Social Security Numbers (SSNs), addresses, parent addresses, email addresses, contact information, and dates of birth.

Now, as an IT Services provider, we’ve seen our fair share of cybersecurity incidents. But this one is alarming. While the data sample may be old, it still contains sensitive information that could be used for identity theft or other malicious purposes. And the worst part? There could be more recent data that hasn’t even been shared yet.

LAUSD and law enforcement on the case

When we contacted LAUSD about the threat actor’s claims, they said they were investigating and had informed law enforcement, who are now assisting in the investigation. The school district is clearly taking this situation seriously, as they should, given the potential impact on their students, families, and employees.

Not the first time: Vice Society ransomware attack

Unfortunately, this isn’t the first cybersecurity incident for LAUSD. In September 2022, the school district was hit by a ransomware attack over Labor Day weekend. The Vice Society gang claimed responsibility, stating that they had stolen 500GB of files before encrypting the district’s systems.

Following the attack, LAUSD implemented new security measures, such as requiring all employees and students to reset their @LAUSD.net account credentials in person at a district site and speeding up the rollout of multi-factor authentication.

But despite these efforts, almost a month later, Vice Society published the stolen LAUSD data on their dark web leak site, which included sensitive information such as confidential psychological assessments of students and legal documents.

At this time, it’s unclear whether the data currently being sold on the hacking forum is linked to the data stolen by Vice Society.

What can you do to protect yourself and your organization?

Whether you’re a parent, student, or employee of a school district, or even if you’re just concerned about your own cybersecurity, there are steps you can take to protect yourself and your organization. Stay informed about the latest threats, implement strong security measures, and don’t hesitate to reach out to IT Services providers like us for help.

We’re here to support you, educate you, and help you stay one step ahead of cybercriminals. Contact us today and let’s work together to keep your information safe and secure.