The Los Angeles Unified School District (LAUSD) has confirmed that a criminal hacking group was able to access their systems and steal data. The attackers demanded that the school district pay an undisclosed amount to prevent the release of the stolen data to the public. However, the district refused the ransom demands, stating that “Paying ransom never guarantees the full recovery of data, and Los Angeles Unified believes public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate.”
In a tweet Sunday, LAUSD confirmed that the data was published by the hacking group. They also announced that an incident response hotline would be available to assist those who have questions or need support. News outlets report that the leaked data includes “confidential psychological assessments of students, contract and legal documents, business records, and numerous database entries.”
Last August, we published a blog post detailing that the education sector was one of the biggest targets for ransomware attacks. A little over a year later, it appears that statistic has not changed. AllSafe IT’s takeaway from this incident is to remember that oftentimes, it’s WHEN not IF an organization will be hit with ransomware. While it’s important to take steps to prevent an attack, organizations should also assume they will eventually be hit and have a response plan in place.
AllSafe IT recommends the following best practices:
AllSafe IT is proud to have spent over 15 years providing IT services to hundreds of companies—many of those within the education sector. Our specialized services are uniquely tailored to provide our customers with the reliability, protection, and fast services needed to ensure 100% uptime and maximized data security. From comprehensive and preventative cybersecurity strategies to 24/7 customer support, AllSafe IT understands the unique needs of educators.