Los Angeles Valley College paid a cyber-ransom in order to get back online after the school’s computer network came under attack, officials confirmed.
The cyber-attack caused widespread disruption to online, email, financial aid and voicemail systems, including locking out 1,800 students and teachers from their computers.
The hack, which launched against the Valley Glen school on Dec. 30, left the data of 20,000 students compromised.
Community college officials said they chose to pay $28,000 in bitcoins to unlock the ransomware, stating it was ultimately cheaper to pay the ransom than to remove the ransomware virus.
After paying the ransom, the school was given a key to re-open access to its digital data.
So far, the school said no data breach had been identified and stated it appeared to have been randomly targeted.
College president Erika Endrijonas said school officials consulted with the district and cybersecurity experts before deciding to pay the ransom. She said they thought about the needs of the students, faculty and staff and how they would be impacted if the computers remained locked.
“The general consensus was we needed to pay the ransom,” Endrijonas said. “We did and we got the codes back.”
Reaction on campus was mixed, with some students thankful they were able to once again access the systems and others wondering if it promotes future attacks.
One cybersecurity expert said paying the ransom does make such attacks more likely in the future.
“The problem is that this is in fact promoting the prevalence of this kind of crime and making it more likely that other victims are going to fall vulnerable to this,” said Clifford Neuman, a professor at the University of Southern California and director of its Center for Computer Systems Security.
An investigation by the Los Angeles County Sheriff’s Department was underway to track down the hackers.