The Los Angeles Community College District paid a $28,000 ransom to decrypt its files

The Los Angeles Community College District has paid a US$28,000 ransom after crooks compromised its network. Fortunately, the school retrieved its data.

A Los Angeles school has paid a US$28,000 ransom after crooks compromised its network. Cyber criminals encrypted computer services, including email systems, at the Los Angeles Community College District. The ransomware used in the attack encrypted hundreds of thousands of files on New Year's Eve. This is one of the highest publicly known ransomware demands to be paid.

The school opted to pay the ransom because it had failed to back up the data belonging to 1,800 staff and 20,000 students.

“Hackers recently broke into Valley College’s servers seizing file, email and messaging systems and are ransoming them for almost $30,000. The cyber attackers left the college a note on one of its servers’ X-drives, requesting the money to be paid by BitCoin,” reported the campus newspaper The Valley Star.

“You have 7 days to send us the BitCoin after 7 days we will remove your private keys and it’s impossible to recover your files,” said the ransom note that appeared on the college’s servers six days ago.

The Los Angeles Community College District issued an official statement explaining its decision to pay the ransom.

“In consultation with district and college leadership, outside cybersecurity experts and law enforcement, a payment was made by the District,” states the report published by the school. “It was the assessment of our outside cybersecurity experts that making a payment would offer an extremely high probability of restoring access to the affected systems, while failure to pay would virtually guarantee that data would be lost.”

The college confirmed that the investigation is ongoing and that student data was not compromised in the cyber attack.

“At this early stage of this complex investigation, no data breach has been identified; however, we will continue to communicate with the LAVC community and the public as the investigation proceeds,” reads the report.

Fortunately, after the school made the payment, the crooks delivered a ‘key’ to allow the college to decrypt its data.

In March 2016, ransomware infected systems at the US Hollywood Presbyterian Medical Center in Los Angeles; in that case, the hospital paid about $17,000 to the crooks to restore patients’ files.

Pierluigi Paganini

(Security Affairs – Ransomware, Los Angeles Community College District)