On a Saturday morning on the first weekend of September 2022, just days before school was scheduled to start for more than 400,000 students in the Los Angeles Unified School District, the district fell victim to a massive cyberattack. Hackers threatened to release the private data of students and families throughout the second largest school district in the nation. The FBI, the Department of Homeland Security, and local investigators were called in immediately to assess the real and threatened damage.
Until investigators could determine the extent of the breach, they completely shut down the district’s digital footprint. At the time, the district did not know whether student information — assessments, grades, class schedules, disciplinary records, reports about disabilities — was accessed by hackers through the district’s online student management system.
In a news conference shortly after the attack was revealed, LAUSD Supt. Alberto Carvalho, Los Angeles Mayor Eric Garcetti, and Los Angeles Police Chief Michel Moore said the hackers have encryption skills to cover their tracks and “shut us out of what they have or what they saw.”
If the district had lost the ability to manage its fleet of buses, “over 40,000 of our students would not have been able to get to school,” Carvalho said. If food services or payroll systems had been taken down, the impact “would have been significant, very disruptive and debilitating to our school system.”
Investigators discovered hackers had launched a ransomware tool that temporarily disabled some systems, froze others, and gained access to some data. There were indications that the hack could have originated in a foreign country, and although no ransom demand was made initially, one eventually reached school officials.
The attempted theft of data was one element of the attack on LAUSD. The other involved attempting to disable district computer systems, making them inaccessible. Although both elements of the attack were only partly successful, full recovery has been difficult.
During the initial rebooting, technicians found so-called tripwires left behind that could have resulted in more structural damage or the further theft of data.
The LAUSD attack has been linked to a criminal syndicate called Vice Society, although authorities have declined to confirm it. However, Carvalho has acknowledged that the attack came from a group that is familiar to law enforcement and known for attacking school systems.
To lessen the impact of the hack, district officials took the unprecedented step of shutting down all district systems. But recovering from the shutdown created other problems. Assignments and lesson plans were inaccessible, and no student or employee had access to the system until they were able to reset their password. This process began on the following Tuesday, with school already in session.
LAUSD was an attractive target for hackers because of how many people are affected when district systems become unavailable. According to cybersecurity experts, this makes the affected organization potentially more willing to pay a ransom to recover its systems and encourages criminals to seek larger payments.
The hackers can demand ransoms both to restore systems and to keep private data from being posted publicly, which is exactly what happened in a similar breach of the Clark County School District in Nevada.
These are not isolated incidents. In 2021, cybersecurity firm Emsisoft, which tracks cyberattacks in education and other sectors, reported 88 educational organizations were affected by ransomware: 62 school districts and 26 colleges and universities.
While the LAUSD hack is massive, it is not the biggest to ever take place. In May, the Chicago public school system announced that a massive data breach exposed four years’ worth of records of nearly 500,000 students and just under 60,000 employees.
A recent cyberattack targeted a company, Illuminate Education, whose clients include LAUSD and whose services reach more than 17 million students in 5,200 schools and school districts.
Over the past several years, the Cybersecurity and Infrastructure Security Agency (CISA) and its partners have responded to a significant number of ransomware incidents in an effort to combat this disturbing trend. Unfortunately, malicious parties have adjusted their ransomware tactics to be more destructive and impactful, becoming bolder as they exfiltrate data and then threaten to sell or leak it if the ransom is not paid.
LAUSD officials took several measures to respond to the attack, starting with creating an independent Information Technology Task Force. It was charged with developing recommendations within 90 days, which now focus on:
- Deploying technical staff across the vast school system to assist with issues that arise in the coming days.
- Reorganizing departments and systems “to build coherence and bolster data safeguards.”
- Appointing an expert technology advisory council and naming a technology advisor who will focus on security procedures and practices and an overall data center operations review.
- Adding budget dollars as needed and improving employee training.
- Analyzing systems with help from federal and state law enforcement.
Mayor Garcetti emphasized the need for all government agencies to be proactive and vigilant, announcing that the city must fend off 1 billion cyberattacks every month: “That’s with a B,” he said.
Protecting Schools Before an Attack
Although LAUSD minimized damage after the fact, there are several things school districts can do before they fall victim to a cyberattack and ransom demands. Strategies for protecting data and devices from an attack should be both technical and procedural.
With in-house IT professionals or the help of a cybersecurity expert who specializes in the education sector, an effective plan should include the following:
- Store data securely to ensure that the whole school community’s data are kept private and to comply with the Family Educational Rights and Privacy Act (FERPA).
- Regularly back up data in case it is accidentally or deliberately corrupted or destroyed.
- Create firewalls and an approved list of individuals with access to the school’s or school district’s networks and systems. The list should be regularly reviewed to ensure that only those individuals who have permission to access the systems can do so.
- Monitor networks continually to assess the risk from cyber threats. Schools and school districts can get support from the U.S. Department of Homeland Security or data security firms.
- Ensure the devices and software your school uses always have the latest updates.
- Install antivirus software on all your devices.
- Use a secure connection to access your school’s network or systems remotely.
- Make sure paper records containing sensitive information are disposed of or destroyed securely.
- Check that your school website is not disclosing any personally identifiable information that scammers could use.
- Payroll, accounts, and leadership staff should also review what personal information they are disclosing publicly on social media and adjust their privacy settings if required.
- Educate students, parents, front-line staff, teachers, and administrators about the need to maintain strict procedures and protections to avoid data hacks.
- Develop, review, and test an incident response plan with your IT professionals. The plan should cover what procedures you will follow in the event of a cyberattack.
UPDATE: As of early October, LAUSD officials had received a ransom request but refused to pay or negotiate with the hacking group. An initial deadline for payment passed, and the group released some data, but the release was not as large or sensitive as officials had initially feared. Like many cyberattacks, this situation is still active and ongoing and may continue for many more months.