The Los Angeles Unified School District, the second largest in the nation, said Friday that cybercriminals who targeted it with a ransomware attack plan to release some of the hacked data online.
The supposed leak comes as federal officials warn that ransomware attacks on US schools may increase as children return to school and cybercriminals see more extortion opportunities.
LAUSD said in a statement it’s working with law enforcement to “determine what information was impacted and to whom it belongs.” The district did not disclose whether it knows what data may be released or when.
The school district announced what it called a significant ransomware attack over Labor Day weekend last month, along with the response from the FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.
LAUSD has not disclosed the ransom demanded by the criminal organization.
The attack was the 50th this year on the US education sector, according to a tally by cybersecurity firm Emsisoft.
The district said employee healthcare or payroll data did not appear to be impacted and that unspecified “safety and emergency mechanisms remain in place.” Credit monitoring services will be provided, according to the statement.
“To our school community and partners, we will update you when we have relevant information, and notify you if your personal information is impacted, as appropriate,” the district said.
The investigation is ongoing and the district said paying ransom “never guarantees the full recovery of data” and “public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate.”
The school district said it has joined education and technology leaders in calling on the Federal Communications Commission to “immediately authorize” the use of E-Rate Program funds to strengthen the IT security infrastructure. The program helps schools and libraries with broadband access to improve telecommunication capabilities.
Ransomware attacks against schools are becoming more common.
A predominantly Black college in Illinois was forced to close in May after a pandemic-induced drop in admissions and fallout from a ransomware attack on its computer systems.
A separate attack in January forced the Albuquerque, New Mexico, public school system to close for two days. The hack affected systems with information on emergency contacts for students and adults who are authorized to pick up students.
Another ransomware attack on a software provider in January affected the websites of about 5,000 schools, mostly in the US, that used the software.