Los Angeles Unified College District (LAUSD) officers are investigating a menace actor’s claims that they are promoting stolen databases containing data belonging to thousands and thousands of scholars and 1000’s of lecturers.
LAUSD is the second largest public college district in the US, with over 25,900 lecturers, roughly 48,700 different workers, and greater than 563,000 college students enrolled in the course of the 2023-2024 college 12 months.
The menace actor promoting the allegedly stolen information for $1,000 says the CSV information put up on the market on a hacking discussion board include over 11GB of information, together with over 26 million data with pupil data, greater than 24,000 instructor data, and round 500 containing workers data.
Additionally they shared two information samples containing roughly 1,000 pupil data with Social Safety Numbers (SSNs), addresses, mother or father addresses, e-mail addresses, contact data, and dates of start as proof that the knowledge was official.
Researchers who analyzed these samples instructed BleepingComputer that the bought information seems official however could possibly be previous, because the dataset doesn’t embody current dates. Nevertheless, the menace actor solely shared a small pattern of the allegedly stolen information, so there could also be new data that has but to be shared.
BleepingComputer contacted LAUSD earlier at present to substantiate the menace actor’s claims and was instructed that the general public college district is now investigating them.
“We’re trying into this and can get again to you if now we have additional data to share,” LAUSD Public Info Officer Britt Vaughan instructed BleepingComputer.
​Vice Society ransomware assault
LAUSD was additionally hit by a ransomware assault in September 2022, over the Labor Day weekend. The Vice Society gang claimed the breach, saying additionally they stole 500GB of information earlier than encrypting the district’s methods.
On the day LAUSD disclosed the incident, the FBI, CISA, and MS-ISAC additionally issued a joint advisory warning that Vice Society was disproportionately focusing on schooling organizations.
After the assault, LAUSD requested all workers (together with lecturers, help workers, and directors) and college students to reset their @LAUSD.web account credentials in individual at a district web site and expedited the rollout of multi-factor authentication.
Virtually one month after the assault, Vice Society printed the stolen LAUSD information on their darkish net leak web site, together with what a legislation enforcement supply described as “confidential psychological assessments of scholars, contract and authorized paperwork, enterprise data, and quite a few database entries.”
The leak got here after the district introduced that it might not pay the ransom demanded by the ransomware gang as a result of it would not assure the total restoration of information and “public {dollars} are higher spent on our college students.”
It’s unclear right now if the information at present being bought on the hacking discussion board is linked to the information stolen by Vice Society.
