LAUSD Information Breach: Hackers Leak 25M Information, Together with Scholar Places

The Los Angeles Unified Faculty District (LAUSD) has fallen sufferer to a big information breach. A hacker recognized as “Satanic” from the group “The Satanic Cloud” has leaked the non-public, contact, and site particulars of tens of millions of scholars, lecturers, and different employees on Breach Boards.

The hacker’s put up on the notorious Breach Boards (Screenshot: Hackread.com)

Even worse, the info, which was dumped yesterday earlier this month, is now being circulated on varied hacking and cybercrime platforms, together with Russian-speaking websites and database leak-related Telegram channels.

For context, the Los Angeles Unified Faculty District (LAUSD) is a public college district in Los Angeles, California. It’s the largest public college system in California by pupil enrollment and the second largest in the US.

Hackread.com performed an in-depth evaluation of the complete dataset, comprising 10GB value of data, and concluded that the breach was official.

The dataset consists of the non-public data of over 24.16 million college students (24,156,469), and nearly 55,000 lecturers and employees have been impacted by this information breach. The precise variety of leaked e-mail addresses, after eradicating duplicate information, is 1,954,991 (roughly 1.95 million). Right here is the detailed breakdown of the complete dataset:

College students Information

Probably the most essential a part of this information breach entails pupil information, which incorporates private, contact, and tackle data reminiscent of the next:

  • Gender
  • Ethnicity
  • Zip Codes
  • Present Metropolis
  • Date of Start
  • ID Numbers
  • Faculty Names
  • Faculty Cellphone Numbers
  • Cellphone numbers
  • E-mail Addresses
  • Residence Addresses
  • Residence Location Coordinates
  • Immigration Standing
  • Guardian/Guardian ID Quantity
  • District Scholar ID Numbers
  • Full Names (First, center, final)
  • The town and nation the place the coed was born
  • Dad and mom Particulars (Full title, telephone numbers, dwelling and e-mail addresses)

and much more…

Academics and Different Employees Information

Like college students, the info breach has considerably impacted lecturers and different employees on the college. Hackread.com recognized the next data on lecturers whereas analyzing the info:

  • Gender
  • Ethnicity
  • Full Names
  • Date of Start
  • Seniority Information
  • Employees ID Quantity
  • E-mail Addresses
  • Residence Addresses
  • Faculty they work for
  • Location Coordinates
  • Training/Qualification
  • Faculty Names
  • Campus Codes
  • Employment Standing
  • Years of Expertise
  • Sort of Employment (Common, everlasting or non permanent)
  • The place they maintain within the college (Instructor, technical, or grounds employee, and many others)

and much more…

LAUSD Data Breach: Hackers Leak 25M Records, Including Student Locations
Screenshot from the info analysed by Hackread.com

Hackread.com contacted the hacker who claimed accountability for the assault and confirmed that this was a Snowflake-related breach. The hacker shared login credentials for the alleged Snowflake account used within the LAUSD information breach. In addition they warned that “a lot more is coming,” indicating additional exploitation of the Snowflake vulnerability.

LAUSD Data Breach: Hackers Leak 25M Records, Including Student Locations
The login hyperlink and credentials offered by the hacker which they declare have been utilized in extracting LAUSD information (Observe: Hackread.com didn’t log in or tried to log in to this portal)

It’s value noting that the Snowflake software program vulnerability was additionally the reason for the notorious Ticketmaster information breach. This vulnerability continues to be exploited by cybercriminals worldwide. Moreover, in response to Bloomberg, LAUSD has acknowledged that the info breach occurred as a result of a third-party vendor saved the stolen information on Snowflake.

Implications

Though the leaked data don’t include passwords or Social Safety Numbers (SSNs), this isn’t a random information breach. It entails contact particulars and the bodily areas of youngsters, who’re among the many most susceptible members of our society.

Dad and mom, lecturers, employees, and college students are suggested to be vigilant for any malicious actions which will happen underneath their names. This might embrace phishing scams, id theft incidents, pretend social media profiles, or makes an attempt to enroll on malicious websites.

  1. AT&T Confirms Information Breach Affecting 73 Million Customers
  2. Dell Discloses Information Breach As Hacker Sells 49 Million Consumer Information
  3. Insurance coverage Large ‘Globe Life’ Information Breach Impacting Policyholders
  4. AMD Information Breach: IntelBroker Claims Theft of Worker, Product Information
  5. Hackers Leak Information of two.5M Non-public Aircraft Homeowners in LA Airport Breach
  6. Location Tracker Agency Tile Hit by Information Breach, Inner Instruments Accessed

Recent articles

Patch Alert: Essential Apache Struts Flaw Discovered, Exploitation Makes an attempt Detected

Dec 18, 2024Ravie LakshmananCyber Assault / Vulnerability Risk actors are...

Meta Fined €251 Million for 2018 Knowledge Breach Impacting 29 Million Accounts

Dec 18, 2024Ravie LakshmananKnowledge Breach / Privateness Meta Platforms, the...