LAUSD says Vice Society ransomware gang stole contractors’ SSNs

Los Angeles Unified Schools District (LAUSD) is the country’s second largest school district. According to Vice Society, the ransomware gang stole files that contained contractors’ personal data, including Social Security Numbers.

LAUSD revealed, too, that threat actors had been active within its network for more than two months between July 31st 2022 and September 3rd 2022.

“Through our ongoing investigations, we discovered that an unauthorized actor obtained certain files on our servers between July 31st, 2022 and September 3rd, 2022,” said the school district in to the affected persons.

LAUSD found payroll records, other labor-related documents and SSNs in the stolen data during the security breach that lasted two months.

LAUSD stated that they identified documents for labor compliance, which included certified payroll records and certifications, as well as those provided by contractors to L.A. Unified regarding Facilities Services Division projects on January 9, 2023.

These files included the Social Security numbers, names and addresses of subcontractor and contractor employees as well as other associated individuals. They were provided by LAUSD with certified payroll records for Facilities Services Division projects.

After Alberto M. Carvalho, superintendent of LAUSD, confirmed that Vice Society had published the theft on its leak site in October 2022 and declared that its experts and law enforcement were now analyzing its impact.

The gang claimed that 500GB of school data had been stolen before leaking the files to BleepingComputer, but they didn’t give any evidence.

LAUSD entry on Vice Society’s data leak site (BleepingComputer)

After the school district declared it wouldn’t give into the ransomware demands, the ransomware gang leaked LAUSD data. It also stated it was going to use the money better for students and education.

Los Angeles Unified stated at that time, “Paying ransom does not guarantee the complete recovery of data. Los Angeles Unified believes public money are more effective spent on students than succumbing to an illicit and nefarious crime syndicate.”

To prevent identity theft and financial fraud, it is important that all individuals affected by this data breach immediately stop using their credit cards.

LAUSD will provide contractors and employees with an exclusive one-year membership to Experian IdentityWorksSM, which would assist in detecting misuse of information.

On the day LAUSD reported the ransomware attack on its education sector, CISA, MS-ISAC and FBI published an advisory joint warning about .

Vice Society, which has breached LAUSD, launched attacks against other schools and districts worldwide including the and ).

LAUSD has more than 640,000 students. It includes Los Angeles, 31 small municipalities, some unincorporated Los Angeles County sections, and Los Angeles.