According to Los Angeles Unified School District (LAUSD), the second-largest school district in the U. S., the Vice Society ransomware group has stolen files containing private information, including Social Security Numbers, from contractors (SSNs).
Additionally, LAUSD disclosed that the threat actors were present on its network for more than two months, from July 31 to September 3, 2022. The group claimed to have stolen 500 GB of data from the school system's systems to BleepingComputer before distributing the stolen material, but they offered no supporting documentation.
Experian's IdentityWorksSM, which aids in detecting information misuse, is being made available to contractors and their staff members by LAUSD for free for a year. The FBI, CISA, and MS-ISAC jointly released an advisory warning of Vice Society's excessive targeting of the U.S. education sector on the day LAUSD reported the ransomware attack. Hackers replied to L.A. Unified's refusal to pay a ransom by exposing the data they obtained into the dark web, where other nefarious characters may use it for identity theft.
The school district declared it would not comply with the cybercriminals' ransom demands in order to better utilize the money for its students and their education, the ransomware group released data from LAUSD.
Data theft is simply one aspect of an operation. The second step entails encrypting computer systems so that users are unable to access them and daily business is rendered impossible. Although basic tasks, such as classroom instruction and record-keeping, were more challenging for approximately two weeks, hackers were able to encrypt systems in the district's facilities division. Schools never had to temporarily close, as in other places when various school systems were targeted.
The revelation in the notice came as no surprise to cybersecurity professionals. They anticipated that an examination would show the system intrusion started earlier than was initially reported. Officials from the school district did not disclose the number of potential victims. When there are more than 500 California citizens affected, the required number for public notification, a notice letter should be filed with the state attorney general in addition to notifying the victims.