The second largest school district in the US, LAUSD (Los Angeles Unified School District, Los Angeles Unified School District), reported that its IT systems were attacked by ransomware. LAUSD has over 640,000 students (kindergarten through 12th grade) and includes Los Angeles itself and 31 other municipalities.
County-wide technical issues were reportedly discovered over the weekend when attackers compromised access to LAUSD systems, including email servers. Approximately seven hours after the first report, it was confirmed that it was a ransomware attack.
LAUSD management immediately notified law enforcement and federal agencies (FBI and CISA) of the incident and continues to cooperate with authorities as part of the ongoing investigation.
Although the attack definitely impacted LAUSD’s infrastructure, district officials said the schools will continue to operate as normal while experts work to restore the affected servers (which may cause delays in some services).
“While we do not anticipate major technical issues that could prevent LAUSD from issuing missions, providing transportation, meals, or Beyond the Bell services, there may be delays and changes in business operations,” District officials said. “Based on a preliminary analysis of critical business systems, the attack did not affect employee health and payroll issues, and the cyber incident did not affect the security and emergency response mechanisms operating in schools.”
According to Emsisoft cybersecurity analyst Brett Callow, the attack on LAUSD was already the 50th ransomware attack on an educational institution in the United States this year. The list of ransomware victims includes 26 colleges and universities, as well as 24 school districts with 1,727 schools.
So far, LAUSD has not given any details about what information about students and staff could receive. l access the attackers, who was responsible for the incident, and whether the hackers demanded a ransom.
At the same time, shortly after the incident, representatives of the FBI, CISA and MS-ISAC made a joint statement. They warned the leadership of educational institutions about the activity of the extortionate group Vice Society, which has recently been active in the educational sector.