A ransomware attack against Clark County School District (CCSD) in Las Vegas has ultimately triggered a data breach involving Social Security numbers, student information and other private information, The Wall Street Journal reports.
Administrators at Clark County say they will be individually notifying affected individuals as the district’s investigations continues, The Journal reported. The district “values openness and transparency and will keep parents, employees and the public informed as new, verified information becomes available,” the statement said.
The district is cooperating with law enforcement, but did not state whether it has hired digital forensics or MSSP (managed security services provider) experts to investigate and recover from the indicident.
Ransomware Attacks Las Vegas School District: More Details
Here's a timeline of the attack:
- August 27, 2020: The ransomware attack against Clark County School District was activated on August 27, according to a public disclosure from the district.
- September 14, 2020: The hacker sent a data-related warning to Clark County, according to Emsisoft, a cybersecurity firm that has been tracking the attack.
- Late September 2020: By late September, the hacker released "more sensitive nature, including employee Social Security numbers, addresses and retirement paperwork. For students, information released includes a data file with names, grades, birth dates, addresses and the school attended," The Journal reports, quoting Emsisoft.
- September 28, 2020: The school district released this statement about the attack:
"National media outlets are reporting information regarding the data security incident CCSD first announced on Aug. 27, 2020. CCSD is working diligently to determine the full nature and scope of the incident and is cooperating with law enforcement. The District is unable to verify many of the claims in the media reports. As the investigation continues, CCSD will be individually notifying affected individuals.
CCSD values openness and transparency and will keep parents, employees and the public informed as new, verified information becomes available.
For questions, please call 1-888-490-0594 and refer to the statement released on this data security incident by clicking here."
Hacker Demands: Undisclosed
The school district did not disclose how much the hackers were demanding in the ransomware attack, nor has the district disclosed if the IT systems involved in the attack have been restored.