Los Angeles Unified School District (LAUSD), the second-largest school district in the United States, claims that the Vice Society ransomware gang stole files containing personal information about contractors, including social security numbers ( SSN).
LAUSD also revealed that the threat actors were active on its network for more than two months, between July 31, 2022 and September 3, 2022.
“Through our ongoing investigation, we have determined that between July 31, 2022 and September 3, 2022, an unauthorized actor accessed and acquired certain files stored on our servers,” the school district said in data breach notification letters sent to the persons concerned.
While reviewing data stolen during the two-month security breach, LAUSD discovered payroll records and other work-related documents that included SSNs and assigned people’s names and home addresses.
“On January 9, 2023, we identified labor compliance documentation, including certified payroll records, that contractors provided to LA Unified as part of Facilities Services Division projects,” said LAUSD.
“These files contained the names, addresses, and social security numbers of employees of contractors and contractors and other affiliated individuals ‘who provided LAUSD’ with certified payroll records in connection with the Division’s projects. facility services”.
This comes after LAUSD Superintendent Alberto M. Carvalho confirmed in October 2022 that Vice Society had posted the theft on its leak site and announced that its experts and law enforcement had begun analyzing the impact. of the leak.
Before disclosing the stolen files, the gang told BleepingComputer they stole 500GB of data from school system systems, but offered no evidence.
Ransomware gang leaked LAUSD data after school district announcement that he would not give in to cybercriminals’ ransom demands and that he could put the money to better use for his students and their education.
“Paying a ransom never guarantees full data recovery, and Los Angeles Unified believes that public money is better spent on our students than capitulating to a nefarious and illicit crime syndicate,” LAUSD had told the time.
Because social security numbers and other sensitive personal information have been exposed, those affected by the data breach should immediately freeze their credit to prevent financial fraud and identity theft.
LAUSD is offering contractors and their employees a free one-year membership to Experian’s IdentityWorksSM, which would help detect misuse of their information.
On the day LAUSD disclosed the ransomware attack, the FBI, CISA and MS-ISAC issued a joint warning of The Vice Society disproportionately targets the education sector in the United States.
After violating LAUSD, Vice Society has claimed attacks on other school districts, schools, and universities around the world, including the Cincinnati State Technical and Community College and the University of Duisburg-Essen (UDE).
LAUSD has more than 640,000 K-12 students and includes Los Angeles and 31 smaller municipalities and some unincorporated sections of Los Angeles County.