LA District Downplays Student Harm After Cyber Gang Posts Sensitive Data Online

Supt. Carvalho denies report student psychiatric evaluation records were exposed by Vice Society after L.A. district refuses to pay ransom demand

The ransomware gang Vice Society posted student data to its dark-web “leak site” after LAUSD leaders refused to pay a ransom. (Screenshot)

Updated, Oct. 4

The Vice Society ransomware gang reportedly published over the weekend a trove of sensitive student records from the Los Angeles school district. The data was posted to the gang’s dark-web “leak site,” after education leaders refused to pay — and at first even acknowledge — a ransom.

Yet in a press conference Monday, Superintendent Alberto Carvalho sought to downplay the damage done, particularly as it relates to records about children. An said that student psychiatric evaluation records had been published online, citing a confidential law enforcement source. That reporting, Carvalho said, is “absolutely incorrect.”

“We have seen no evidence that psychiatric evaluation information or health records, based on what we’ve seen thus far, has been made available publicly,” said Carvalho, who acknowledged the hackers had “touched” the district’s massive student information system. The “vast majority” of exposed student data, including names, academic information and personal addresses, was from a period between 2013 and 2016. “That is the extent of the student information data that we have seen.”

Roughly 500 gigabytes of district data was made public on Sunday by the Russian-speaking ransomware gang, which took credit for stealing the district records in a massive data breach last month. The full scope of the information released is unclear, yet after reviewing about two-thirds of the data, Carvalho said that “so far, based on what we’ve seen, critical health information or Social Security numbers for students,” is not included.

Carvalho confirmed on Sunday that LAUSD’s data had been published on the dark web, but did not verify the type of data that was leaked. On Monday, he said that information from private-sector contractors, particularly those in construction, appeared most impacted. Breached records include contracts, financial information and personally identifiable data, Carvalho said.

Cybersecurity experts have warned that the release of district data could come with significant risks for current and former students. Children’s Social Security numbers are particularly valuable to identity thieves because they can be used for years without raising alarm.

James Turgal, a former executive assistant director for the FBI Information and Technology Branch, said it’s particularly important for officials to protect the sensitive data of children, who may “find out they own a condo in Bora Bora under their name 15 years from now” because their information was exploited.

Turgal, now the vice president of cyber risk and strategy at Optiv Security, praised the district’s decision to withhold payment.

“There’s no upside to ever paying a ransom,” said Turgal, “More likely than not, even if LAUSD would have paid the ransom, [Vice Society] still would have disclosed the information” on their leak site.

Carvalho made it clear in several statements the district had no intentions of paying up, possibly prompting the criminals to publish the stolen data earlier than planned. Vice Society, which took credit for a massive data breach that caused widespread disruptions at America’s second-largest school district, had initially .

“What I can tell you is that the demand — any demand — would be absurd,” Carvalho told the Los Angeles Times. “But this level of demand was, quite frankly, insulting. And we’re not about to enter into negotiations with that type of entity.”

In a statement, the district acknowledged that paying a ransom wouldn’t ensure the recovery of data and asserted that “public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate. We continue to make progress toward full operational stability for several core information technology services.”

The district announced on Sunday a new hotline available to concerned parents and students seeking information about the breach. A district spokesperson declined to comment further. The district has also not revealed details of Vice Society’s demand.

In an email to 成人抖阴, Vice Society said they published the district data because “they didn’t pay,” and acknowledged the “ransom demand was big” without providing a specific figure. Asked what makes school districts attractive victims for such attacks, the group offered a brief explanation: “Maybe news? Don’t know … We just attack it =).”

Over the weekend, they that they demanded a ransom weeks earlier than district officials have publicly acknowledged. Asked about the size of the ransom, the group replied, “let’s say that it was big =).”

Since the breach was disclosed, district officials have been working with federal authorities at the FBI and Cybersecurity and Infrastructure Security Agency, which the ransomware group says has “wasted our time,” in an email that federal authorities were “wrong” to advise the district against paying.

“We always delete documents and help to restore network [sic], we don’t talk about companies that paid us,” the group told the news outlet. “Now LAUSD has lost 500GB of files.”

成人抖阴 has not reviewed the data published to the Vice Society leak site. Doug Levin, the national director of The K12 Security Information eXchange, said Monday he was unable to independently verify information posted to the leak site, suggesting that it may have been the victim of a hack. But once the data was published online, he said, it’s impossible to rein it back in.

“You have to assume that it has been compromised by nefarious actors who have copied it down and the damage, therefore, is done,” Levin said.

For example, while Vice Society likely posted most of the data it exfiltrated onto its leak site, they may have held onto the most sensitive data like Social Security numbers to sell on a dark web marketplace, often for identity theft.

Now that sensitive data has been disclosed, the district must formally notify victims that their information was compromised and provide advice on how to best protect themselves, Levin said. The district may find themselves on the hook for as much as $100 million in medium-term recovery costs, Levin noted, to improve their cybersecurity infrastructure and work to prevent another attack in the future.

He said it’s important that affected educators, parents and students . The district announced plans to provide credit monitoring services to victims, but Levin said that victims should consider freezing their credit.

“The school district itself is likely going to be facing a crisis of confidence in its school community about its ability to keep data and their IT systems safe and secure,” Levin said. “Ultimately, they’re going to have to be able to answer the question of why they can be trusted to safeguard that personal information going forward.”
