Los Angeles Unified Targeted by Ransomware Attack
Los Angeles, CA (September 5, 2022) – Los Angeles Unified detected unusual activity in its Information Technology systems over the weekend, which after initial review, can be confirmed as an external cyber attack on our Information Technology assets. Since the identification of the incident, which is likely criminal in nature, we continue to assess the situation with law enforcement agencies. While the investigation continues, Los Angeles Unified has swiftly implemented a response protocol to mitigate Districtwide disruptions, including access to email, computer systems and applications. This communication is being published after extensive, required vetting and approval by a number of entities and agencies.
Despite this significant disruption to our system’s infrastructure, schools will open on Tuesday, September 6 as scheduled. We are working collaboratively with our partners to address any and all impacted services. While we do not expect major technical issues that will prevent Los Angeles Unified from providing instruction and transportation, food or Beyond the Bell services, business operations may be delayed or modified. Based on a preliminary analysis of critical business systems, employee healthcare and payroll are not impacted, nor has the cyber incident impacted safety and emergency mechanisms in place at schools.
Los Angeles Unified is committed to delivering high-quality instructional programming, and we are benefiting from an immediate and comprehensive response from the federal government. After the District contacted officials over the holiday weekend, the White House brought together the Department of Education, the Federal Bureau of Investigation (FBI) and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) to provide rapid, incident response support to Los Angeles Unified, building on the immediate support by local law enforcement agencies. At the District’s request, agencies marshaled significant resources to assess, protect and advise Los Angeles Unified's response, as well as future planned mitigation protocols.
Furthermore, Los Angeles Unified is immediately establishing a plan of action, informed by top public and private sector technology and cyber security professionals, to determine additional protections for the District, and to provide an independent opinion on system-wide protective measures. We will continue to benefit from the declared assistance of federal and state law enforcement entities to assist with investigative procedures and technical deployment and solutions. Presently, federal investigative and technical experts are working on-site, collaboratively, with the Information Technology Division.
Los Angeles Unified has initiated immediate adjustments to ensure this District is able to deliver what our Board, community, teachers, students and parents have come to expect, an excellent educational experience for all. In response, the following actions have been taken, will be taken immediately or will be implemented as soon as feasible.
- Independent Information Technology Task Force: Charged with developing a set of recommendations within 90 days, including monthly status updates
- Additional Human Resources: Deployment of Information Technology personnel at all sites to assist with technical issues that may arise in the coming days
- Technology Investments: Full scale reorganization of departments and systems to build coherence and bolster District data safeguards
- Advisory Council: Charged with providing ongoing advisement on best practices and systems, including emerging technological management protocols
- Technology Advisor: Directed to focus on security procedures and practices, as well as to conduct an overall data center operations review that includes an assessment of existing technology, critical processes, and current infrastructure
- Budget Appropriation: Directed appropriation of any necessary funding to support Information Technology Division infrastructure enhancement
- Employee Training: Develop and implement mandatory cybersecurity responsibility training
- Forensic Review: Expand ongoing assistance from federal and state law enforcement entities to include a forensic review of systems
- Expert Team: Creation and deployment of an expert team to assess needs and support the implementation of immediate solutions
Additional communication will be provided as it becomes available based on ongoing assessments, informed, vetted and approved by legal and law enforcement agencies.
Expectations for Tuesday, September 6, 2022:
- Uninterrupted instruction and staffing
- Adaptive attendance collection
- Ongoing phone communication with parents and the workforce, and Districtwide hotline support
- Transportation: Parents may contact this hotline for any delay-related issues (Contact: 800-522-8737)
- Districtwide: Students, families and staff may contact the District hotline with questions or support needs (Contact: 213-443-1300)
- Scheduled food service deliveries
- Ongoing, undisrupted payroll processing
- Undisrupted response to emergency facilities service orders and calls
- Operational Daily Pass Portal to enable parents and employees to upload positive tests
- Scheduled Beyond the Bell, Adult Education and Early Education programming
About Ransom IT
Local, knowledgeable technicians available to respond rapidly onsite or assist your business remotely with hardware, software, networking, wireless or security needs.
Ransom IT employs State of the art, integrated ticketing, security, remote monitoring and maintenance systems.
Our knowledgeable team of IT experts, coupled with a broad array of partnerships with other software and hardware companies around the globe, allow for an efficient, secure, and cost-effective solution, customized for each customer.
Get a Quote: Our Competitive Rates are designed to meet every IT budget.
Ransom Information Technology Services (Ransom IT)