The second largest school district in the US has warned that hackers have begun posting data they claim to have stolen from the institution last month.
The Los Angeles Unified School District (LAUSD), which serves over 600,000 students from kindergarten to twelfth grade, was compromised by the Vice Society group in early September.
It’s unclear exactly how much or what type of data may now have been exposed by the group, although at the time of the original incident, LAUSD said employee healthcare and payroll information was not impacted.
The district’s superintendent, Albert Carvalho posted a note to Twitter on Sunday confirming the leak.
"Unfortunately, as expected, data was recently released by a criminal organization," it noted. "In partnership with law enforcement, our experts are analyzing the full extent of this data release."
The district has set up a hotline for "school communities" who need additional support.
The move by Vice Society comes after LAUSD confirmed on Friday that it would not be paying its extorters.
"It is important to note that this investigation is ongoing. Los Angeles Unified remains firm that dollars must be used to fund students and education," it said in a statement.
"Paying ransom never guarantees the full recovery of data, and Los Angeles Unified believes public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate. We continue to make progress toward full operational stability for several core information technology services."
The initial cyber-attack struck over the Labor Day holiday weekend in the US, and required a rapid response co-ordinated by the White House and involving the Department of Education, the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA).
Ransomware actors favor striking at such times as they know IT teams will be understaffed and response times potentially slower.