LAUSD student information system breached after massive cyber attack
Hackers were able to breach the Los Angeles Unified School District's student information system after a massive cyberattack Monday night.
The district first detected unusual activity on its facility systems, which manages contract bidding, Saturday night. However, it only began to experience technical issues late Monday night. LAUSD said that none of its critical business systems such as employee healthcare or payroll were impacted. Also, the attack did not affect the safety and emergency mechanisms used in schools in the district.
The city and federal agents are still trying to determine the intent of the attack.
"We've received no demand at this point," said LAUSD Superintendent Alberto Carvalho.
The FBI and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency have also joined the investigation into the attack on the nation's second-largest school district.
Los Angeles Mayor Eric Garcetti said the city faces about a billion cyber attacks every month.
"We monitor about a billion, that's with a B, billion events and attacks a month on our own networks in the city," said Garcetti.
The superintendent said he's been advised by the FBI to not reveal how the breach happened.
"It was clear to us that there was an external entity, a bad actor, involved," Carvalho said.
Cyber attacks typically happen after someone attains stolen login credentials and uses them to infiltrate an organization's system.
"A dark web attack is when a cybercriminal takes stolen login credentials, organizes them into a list, and through software, uses those stolen login credentials to attack websites, applications and systems in order to penetrate their system," said Darren Guccione, CEO of Keeper Security which makes cyber security software.
The district had all of its 70,000 employees and 540,000 students reset their passwords.
"The resetting of passwords happens only in the school site," said Carvalho. "With the exception of the virtual education students in our virtual academy.
Students returned to school as scheduled Tuesday morning despite the ransomware attack. It disrupted access to some of the district's computer systems, including emails. As a precaution, LAUSD deactivated all of its systems creating a problem for teachers trying to access their online lesson plans.
"I think for some of the new teachers or teachers that are primarily online based with instructions, it's been a really hard day," said LAUSD teacher Scott Whitney.