The second largest school district in the US, LAUSD (Los Angeles Unified School District), has reported that its IT systems have been attacked by ransomware. LAUSD has over 640,000 students (kindergarten through 12th grade) and includes Los Angeles itself and 31 other municipalities.
County-wide technical issues were reportedly discovered over the weekend when attackers compromised access to LAUSD systems, including email servers. Approximately seven hours after the first report, it was confirmed that it was a ransomware attack.
Let me remind you that we also wrote that Chinese Government Hackers Successfully Spy on Organizations in Europe, Australia and Southeast Asia, and also that Hackers Attacked an Anonymous Site for Sending Faeces by Mail.
LAUSD management immediately notified law enforcement and federal agencies (FBI and CISA) of the incident and continues to cooperate with authorities as part of the ongoing investigation.
Although the attack definitely impacted LAUSD’s infrastructure, district officials said the schools will continue to operate as normal while experts work to restore the affected servers (which may cause delays in some services).
According to Emsisoft cybersecurity analyst Brett Callow, the attack on LAUSD was already the 50th ransomware attack on an educational institution in the United States this year. The list of ransomware victims includes 26 colleges and universities, as well as 24 school districts with 1,727 schools.
So far, LAUSD has not released any details about what information the attackers may have accessed about students and staff, who was responsible for the incident, or whether the hackers demanded a ransom.
At the same time, shortly after the incident, representatives of the FBI, CISA and MS-ISAC made a joint statement. They warned the leadership of educational institutions about the activity of the extortionate group Vice Society, which has recently been active in the educational sector.