LAUSD Cyberattack Exposes the Information of Minors and Might Have Long-Term Effects

The increased frequency of cyberattacks has made them almost commonplace. But the cyberattack on the Los Angeles Unified School District (LAUSD) was still a major case, especially since it targeted and exposed the information of minors and might come with some long-term effects.

In early September, LAUSD techs discovered an ongoing cyberattack and shut it down. While the intervention prevented an even worse situation, the hackers managed to get away with data. But the data was not the only objective, with the two-part attack aiming to retrieve some data and make other data inaccessible via encryption.

The cause of the breach was never discovered, but after the attack, the district shut down most of its computers and underwent security measures. That included having employees and students change their passwords.

But the attack did not end there. Eventually, LAUSD Superintendent Alberto Carvalho announced that the hackers responsible for the cyberattack sent a ransom request, which they refused to pay. Even after threats where the hacker group said they would release the data, the request was refused. It was the district’s belief that paying would not guarantee the recovery of all of the data.

The decision resulted in the release of sensitive information onto the dark web. The information included identifiable info on minors and disciplinary records related to building and grounds workers. Overall, truly sensitive and confidential information was not found. Carvalho stated that “The release was actually more limited than what we had originally anticipated.”

It is still not much of a consolation to parents, who are frustrated and concerned about their children’s information being exposed. Particularly, it hits home for many because it does target children, with the hackers acting upon vulnerable members of society.

Moreover, this is not the first attack on the education sector this year, with the LAUSD attack marking the 50th incident this year, according to cybersecurity firm Emsisoft.

But as history shows, these types of cyberattacks can have long-term effects. An example of that is the Baltimore school system. After suffering a ransomware attack years ago, retirees have had a difficult time with their pensions and healthcare payments. There have also been incidents where leaked data was used to apply for credit and other things, causing trouble for those affected.

Reasons like that are why experts have advised people against thinking it will be over quickly. The information from the leak is out there on the dark web, and while nothing might come of it, there is potential for something to happen down the line. That is especially true since the full extent of the breach remains a mystery.

Experts also commented that the data gained could include names, addresses, dates of birth, and even social security numbers. That data could be used for a number of reasons, including fraud. Moreover, it is something that can be done even without social security numbers, meaning even if that information was not revealed for all parties impacted, there might be repercussions down the line.

Of course, regardless of whether something happens in the future, cyberattacks are costly. And if proper measures are to be put in place to prevent similar incidents, it will cost far more, which is difficult for schools since they have many pressing needs. It is one of the reasons education institutions are increasingly-popular targets, no matter their size. Chances are, that will not change any time soon.