Credential theft

Los Angeles Unified School District (LAUSD) Snowflake Credential Breach

📅 2024-04-01 🏢 Snowflake (cloud data platform)

Incident Details

Los Angeles Unified School District had student and teacher data stored in Snowflake accounts maintained by one or more third-party vendors. As part of the UNC5537 / ShinyHunters credential campaign targeting 160+ Snowflake customers, threat actor 'Sp1d3r' accessed LAUSD vendor accounts. In June 2024, the attacker posted ~11 GB of data for sale on dark web forums for $1,000, allegedly containing 26+ million student records, 24,000 teacher records, and ~500 staff records. Exposed data included student names, addresses, financials, grades, performance scores, disability status, discipline details, parent information, and physical location data. LAUSD stated no direct compromise of its own systems; the breach was entirely via a third-party vendor's unsecured Snowflake instance. Notable as the largest US K-12 breach linked to the Snowflake campaign.

Technical Details

Initial Attack Vector
Stolen credentials (via infostealer malware) were used to access an LAUSD vendor's Snowflake account that had no MFA configured; the intrusion was part of the broader UNC5537 Snowflake credential campaign
Vendor / Product
Snowflake (cloud data platform)

Timeline

  1. 2024-04-01 Breach occurred
  2. 2024-06-01 Publicly disclosed
  3. 2024-07-01 Customers notified