June 21, 2024 at 05:11PM
Los Angeles Unified School District confirmed a data breach from its Snowflake account, with student and employee data stolen by threat actors. After investigations by Snowflake, Mandiant, and CrowdStrike, it was revealed that at least 165 organizations were targeted due to lack of multi-factor authentication. Multiple threat actors put the stolen data up for sale, with ongoing investigations and involvement of law enforcement agencies.
From the meeting notes, here are the key takeaways:
– The Los Angeles Unified School District (LAUSD) experienced a data breach after threat actors stole student and employee data by breaching the company’s Snowflake account.
– The breach was part of a larger series of attacks by threat actors targeting numerous organizations, including TicketMaster, Satandar Bank, Advance Auto Parts, and Pure Storage, by leveraging stolen customer credentials to access accounts that lacked multi-factor authentication protection.
– LAUSD recognized that the stolen data, which included sensitive information such as student names, addresses, financials, and performance scoring, was indeed taken from its Snowflake account.
– Multiple threat actors gained access to LAUSD’s data, as demonstrated by two separate incidents of data being sold and leaked by different individuals.
– LAUSD is collaborating with the FBI, CISA, and its vendors to further investigate the incident.
– Given the significant amount of exposed data, students, teachers, and staff members are advised to remain vigilant against potential phishing attempts and unauthorized access to their personal information.
These are the key points distilled from the meeting notes regarding the data breach incident involving the Los Angeles Unified School District.