The Vice Society Ransomware gang published data and documents Sunday morning that were stolen from the Los Angeles Unified School District during a cyberattack earlier this month.
LAUSD superintendent Alberto M. Carvalho confirmed the release of stolen data in a statement posted to Twitter, along with announcing a new hotline launching tomorrow morning at 855-926-1129 for concerned parents and students to ask questions about the data leak.
“Unfortunately, as expected, data was recently released by a criminal organization. In partnership with law enforcement, our experts are analyzing the full extent of this data release,” tweeted Carvalho.
The public release of data comes after the school system announced Friday that they would not be giving in to the ransom demands and that the district could better use the money for students and their education.
“Los Angeles Unified remains firm that dollars must be used to fund students and education,” read a statement released by LAUSD on Friday.
“Paying ransom never guarantees the full recovery of data, and Los Angeles Unified believes public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate.”
Today, the Vice Society gang, who is behind the attack on the school system, updated the ‘Los Angeles Unified School District entry on their data leak site with a link to the stolen data.
Included is a message for the US Cybersecurity and Infrastructure Security Agency (CISA), who is assisting the school district in responding to the attack.
“CISA wasted our time, we waste CISA reputation,’ reads a message on the Vice Society ransomware data leak site.
The Vice Society Ransowmare gang previously told BleepingComputer that they stole 500 GB of data during the attack but had not previously provided any proof of data theft.
While BleepingComputer has not examined any of the data leaked today, some of the folders indicate they may contain sensitive information, such as ‘ssn’, ‘Secret and Confidential’, ‘Passport’, and ‘Incident.’
A law enforcement source for NBC Los Angeles also warned that the leaked documents include “confidential psychological assessments of students, contract and legal documents, business records, and numerous database entries.”
LAUSD has previously said that they notify those in the school community, partners, or employees if their personal information was exposed in the attack and would be providing free credit monitoring services.
However, analyzing this data will take some time, and it’s not uncommon for other threat actors to utilize data published by ransomware gangs for their own attacks.
Therefore, all school students, parents, and employees should stay vigilant against possible phishing campaigns that utilize this information.
Furthermore, if it is determined that Social Security Numbers and passports have been exposed, it is strongly advised that those affected freeze their credit to prevent identity theft or financial fraud.
According to Brett Callow, a threat analyst at Emsisoft, the Vice Society ransomware gang has attacked at least eight other US school districts and colleges/universities in 2022.