Cyberattack in Los Angeles Unified District Targeted Vendors

Contributing Writer
Cyberattack in LAUSD targets vendors

The nation’s second-largest school district is investigating a cyberattack from last year that compromised the personal information of an undisclosed number of contractors. 

Officials with the Los Angeles Unified School District sent a “notice of data breach” letter to an unnamed vendor or vendors this month notifying the company that hackers have accessed computer systems in the district’s network that store sensitive contractor data. 

The breached information included “labor compliance documents, including certified payroll records, that contractors provided to L.A. Unified in connection with Facilities Services Division Projects,” according to the letter. 

“Those files contained the names, addresses and Social Security numbers of contractor and subcontractor employees and other affiliated individuals,” the letter reads. 

LAUSD says hackers were “engaged in reconnaissance on or about July 31, 2022,” and accessed files maintained on the district’s servers on Sept. 3 2022. 

The “cyberattack began and ended,” on that day in September, said district spokesperson Shannon Haber. 

The district declined to comment on how many vendors or contractors were affected. Last year, LAUSD was the target of a massive ransomware attack that disrupted its access to email, computer systems and applications.

In its letter to the unnamed vendor, the school system says it didn’t identify the breach of contractor data until Jan. 9 of this year. A review of the cyberattack is ongoing, according to the letter, and LAUSD has since “implemented additional safeguards and technical security measures.” 

In general, cyber criminals have been targeting school districts at an increased pace in recent years. 

A Backdrop of School Attacks

There have been more than 1,330 publicly disclosed school cyber incidents since 2016, according to K12 Security Information Exchange (K12 SIX). And even that figure likely only captures a small slice of incidents experienced by schools, districts, and vendors.

Public attention in recent cyberattacks has overwhelmingly focused on the vulnerabilities posed to school districts and their records, but the notification sent by LAUSD was directed specifically at contractors working with the school system.

LAUSD has offered to provide the contractors with free credit monitoring services for one year, according to the letter.

“We encourage you to notify your employees of this incident if you believe that you provided their personal information to L.A. Unified in connection with Facilities Services Division projects,” the letter said. 

This post has been updated. 

Image by Getty

Follow EdWeek Market Brief on Twitter @EdMarketBrief or connect with us on LinkedIn.

See also: