One of the largest school districts in the US has confirmed it has been hit by a major ransomware attack.
The Los Angeles Unified School District (LAUSD), which encompasses more than a thousand schools, 26,000 teachers and 600,000 students, confirmed the apparently wide-ranging attack, but is yet to identify the culprit.
The attack seems timed to coincide with the return of students to their classrooms in the Western world at the end of the traditional long summer holiday.
Back to school
In a press release outlining the news, LAUSD said that it first detected “unusual activity in its Information Technology systems” over the weekend, which was later confirmed to be a ransomware attack.
The attack was swiftly escalated to the upper echelons of US government, with LAUSD noting that the White House itself had alerted the Department of Education, the FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) in a combined effort to “provide rapid, incident response support”.
Schools across the district opened on September 6 as planned, with little impact on everyday learning expected, although LAUSD warned some institutions may encounter disruption in their “business operations”.
“Los Angeles Unified has initiated immediate adjustments to ensure this District is able to deliver what our Board, community, teachers, students and parents have come to expect, an excellent educational experience for all,” LAUSD said.
The release noted that a preliminary analysis of its critical business systems had confirmed that employee healthcare and payroll are not impacted, along with safety and emergency mechanisms in place at schools.
LAUSD was also able to ensure access to email, computer systems and applications was back up and running for the start of the new school year, and noted it would now carry out a full audit of its existing technology and security infrastructure.
However, there’s no news yet as to whether any LAUSD data was stolen or affected by the attack, with the district making no mention of such issues in its alerts.
Here’s the best endpoint protection services around today