"Our school district recently learned about an incident in which an individual gained access to a list containing student identification numbers, names and their corresponding LBUSD-provided email addresses," the district wrote to parents and students in an email obtained by the Press-Telegram. "Please know that LBUSD's network remains secure."
LBUSD officials couldn't immediately be reached for comment.
The email noted that more sensitive student and staff information — including addresses, birthdates, social security numbers and grades — had not been impacted by the cyber attack.
LBUSD first learned about the cyberattack on Tuesday evening, the email said. The district's Tecnology and Information Services Branch coordinated with multiple federal, state and local agencies, including law enforcement, to ensure that the more sensitive personal information hadn't been compromised.
"While our student information systems remain secure," the email said, "we continually consider ways to further strengthen our systems and keep our data safe."
It's unclear how many LBUSD students had their data compromised by the hack.
LBUSD has about 67,500 students, according to the most-recent data available on the state education department's website.
The incident was made public on Wednesday, Feb. 22, after Brett Callow — a threat analyst at cybersecurity company Emsisoft — posted about the apparent attack on Twitter. Callow's tweet included a screenshot of a post on a hacking forum boasting they had stolen data from the district's website and had made it available there.
Callow shared an additional screenshot with the Press-Telegram that showed another post from the same individual discussing plans to conduct similar cyber attacks on other school districts throughout the country, including the Charlottesville City Public Schools District in Virginia.
But despite those concerns, Callow said the LBUSD incident is on the lower-end of the severity scale.
"It's nothing at all like last year's attack on LAUSD," he said, referencing an attack that hit the Los Angeles Unifiled School District.
That attack compromised about 2,000 student assessment records, as well as positive COVID-19 test results, driver's license numbers and Social Security numbers, LAUSD said this week.
©2023 Press-Telegram, Long Beach, Calif. Distributed by Tribune Content Agency, LLC.
