UPDATED with more details: The massive cyberattack on the Los Angeles Unified School District as the school year started this month has been something of a mystery because of the lack of demands made by the hackers. But now they are demanding ransom, officials said.
“We can acknowledge … that there has been communication from this [hacker], and we have been responsive without engaging in any type of negotiations,” LAUSD Superintendent Alberto Carvalho told reporters at district headquarters Wednesday. “With that said, we can acknowledge at this point … that a financial demand has been made by this entity. We have not responded to that demand.”
Carvalho said Wednesday, however, that the hackers “did touch our MiSiS [My Integrated Student Information] System, which contains student information. To the best of our knowledge at this point … we believe that some of the data that was accessed may have some students’ names, may have some degree of attendance data, but more than likely lacks personally identifiable information or very sensitive health information or Social Security number information.”
The hack, which targets protected data and also attempts to disable the district’s computer systems, was found over Labor Day weekend, three weeks after some 400,000 students returned to classes. It also includes “tripwire” malware that can be triggered to cause further damage if not found and properly deleted.