What happened in the Los Angeles Unified School District cyberattack?
It was the 50th attack on the education sector this year
The Los Angeles Unified School District — the second-largest district in the United States — fell victim to a cyberattack in early September. On Saturday, after LAUSD Superintendent Alberto Carvalho refused to pay a ransom, the hackers released some of the stolen data onto the dark web. Here's everything you need to know:
How did the cyberattack unfold?
On Sept. 3, LAUSD technicians saw that a cyberattack was in progress and cut it off; if they hadn't acted as quickly as they did, Carvalho said, the situation would have been a lot worse. Officials revealed there were two parts to the attack — the stealing of data and the encryption of some data to make it inaccessible — and it's not yet clear if "human error" caused the breach or if it was "a systemic failure on the part of a third-party entity" connected to the system. Carvalho acknowledged that the district may never find out how this happened.
In the wake of the attack, most of the district's computer systems were shut down, and employees and students were asked to make new passwords. Last week, Carvalho announced the district had received a ransom request from the hackers, "and we have been responsive without engaging in any type of negotiations." He added: "We have not responded to that demand." He did not reveal the ransom amount.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
The hackers, who call themselves the Vice Society, made an announcement on the dark web warning that if the ransom wasn't paid, they would begin publishing information obtained in the hack on Monday. Carvalho again refused, with the district saying Friday that paying ransom "never guarantees the full recovery of data" and "public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate." The next day, sensitive information from the district's system was released on the dark web.
What information is now on the dark web?
The Los Angeles Times said Monday it had scanned the documents and found some identifiable information on minors, as well as records of disciplinary actions against building and grounds workers dating back to 2008 and 2009. The LAUSD's analysts and law enforcement officials have reviewed about two-thirds of the data, and Carvalho said Monday that "based on what we have seen, there is at this point no evidence of widespread impact as far as truly sensitive, confidential information. The release was actually more limited than what we had originally anticipated."
Because every document requires close analysis, LAUSD's chief information officer, Soheil Katal, said it could take another week to review the leaked material. Carvalho also conceded that the hackers could be holding onto more sensitive information to release in the future.
How much data was involved?
The LAUSD has 1.6 million gigabytes of data in its system, and officials said the hackers were able to obtain about 500 gigabytes. The computer system belonging to the Facilities Services Division, which oversees maintenance and construction, was the most compromised, per the Times.
What does the LAUSD know about the hackers?
The hackers used servers based in Canada, Germany, and the Netherlands, Carvalho said Monday, and "based on available information, it is quite likely that this entity operates within the geographic boundaries of Russia."
What are LAUSD employees and parents saying?
Many have expressed their frustration over a lack of communication from the district, the Times reports, and are worried about their information — or their children's — being exposed. Others are saving their ire for the hackers. "I am so disgusted by this act against the most vulnerable members of our society," Alicia Montgomery, head of the advocacy group Center for Powerful Public Schools, told the Times. "To think they are just holding districts across the country hostage — impeding academic instruction and growth at a time when we are all trying to mitigate the harm from two years of emergency instruction is bad enough. But to add insult to injury, they are selling information about children. This is just so despicable," she said.
The district said anyone whose data was affected will be contacted and offered credit monitoring services, and that a hotline has been set up to provide assistance.
Has there been an increase in cyberattacks involving U.S. schools?
The LAUSD attack was the 50th attack on the education sector this year, cybersecurity firm Emsisoft told CNN. In January, Albuquerque Public Schools had to cancel classes for two days following a cyberattack, which affected its systems containing information on student emergency contacts. Brett Callow, a threat analyst with Emsisoft, told the Times that schools are in "a very tough position. People want them to be spending money on educating kids, and dedicating millions of bucks to additional IT security measures and IT staff may not be the most politically popular decisions, until something like this happens."
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
Catherine Garcia has worked as a senior writer at The Week since 2014. Her writing and reporting have appeared in Entertainment Weekly, The New York Times, Wirecutter, NBC News and "The Book of Jezebel," among others. She's a graduate of the University of Redlands and the Columbia University Graduate School of Journalism.
-
'Epic meltdown'
Today's Newspapers A roundup of the headlines from the US front pages
By The Week Staff Published
-
The World of Tim Burton: a 'creepy, witty and visually ravishing' exhibition
The Week Recommends Sprawling show at the Design Museum features over 600 exhibits from across the directors' five-decade career from early sketches to costumes and props
By Irenie Forshaw, The Week UK Published
-
Crossword: October 31, 2024
The Week's daily crossword
By The Week Staff Published
-
Florida educators face off with state officials over a teacher shortage
Speed Read As of mid-August, there were roughly 7,000 teaching vacancies across Florida, according to the state's teachers union. But the Florida Department of Education says differently.
By Brigid Kennedy Published
-
Florida schools' tug-of-war with AP Psychology
The Explainer As the Florida school year starts, some districts remain unclear about AP Psychology's legality
By Justin Klawans Published
-
How wealth impacts college admissions
Speed Read Affirmative action for race may be over, but a study suggests it still exists for the children of wealthy families
By Theara Coleman Published
-
The college rankings rebellion
Speed Read Some of America’s top universities are rejecting the tyranny of U.S. News & World Report’s annual lists
By The Week Staff Published
-
Why are grad schools boycotting the U.S. News & World Report rankings?
Speed Read Is this the end of the college ranking system as we know it?
By Theara Coleman Published
-
Not enough teachers
Speed Read An epidemic of teacher burnout has many school districts struggling to fill positions. Why are teachers unhappy?
By The Week Staff Published
-
America's crushing teacher shortage
Speed Read The beginning of the school year is quickly approaching but thousands of teaching positions remain unfilled
By Catherine Garcia Published
-
A history of slavery at Harvard University and beyond
Speed Read The school is setting aside $100 million to redress its ties to slavery
By Grayson Quay Published