LAUSD Investigates Allegations of Student and Teacher Data Being Sold on the Dark Web

Los Angeles Unified School District (LAUSD) is currently looking into allegations that an individual on the dark web is selling purported personal information about students and teachers. This information, believed to have been obtained during a cyberattack in 2022, includes sensitive details about individuals born between 1993 and 2010.

The data sample provided by the seller includes various personal details such as home addresses, homelessness status, disability status, and contact information for relatives. While the district has not yet confirmed if the data belongs to actual students and teachers, they have released a statement acknowledging the situation and are working with law enforcement to investigate further.

The information was being offered for $1,000 on a hacker forum, with around 11 GB of data spread across a few files. The post claimed that a total of 24 million records were available for purchase. Following a ransomware attack by the Vice Society group in September 2022, LAUSD Superintendent Alberto Carvalho stated that while valuable data was not compromised, some personal information did end up on the dark web.

Cybersecurity experts warn that the exposed personal information could potentially be used in future phishing attacks, posing a risk to those affected. As investigations continue, it remains to be seen if the data from the recent dark web listing is linked to the 2022 cyberattack on LAUSD’s systems.

It is crucial for LAUSD to ensure the privacy and security of its students, families, and employees in light of these concerning developments.