The Housing Authority of the City of Los Angeles, or HACLA, has confirmed it is investigating a cybersecurity incident shortly after the LockBit ransomware gang claimed responsibility for a cyberattack on the agency.
HACLA, which provides affordable housing to more than 19,000 low-income families across Los Angeles, was added to LockBit’s dark web leak site on December 31. The listing, seen by TechCrunch, claims that LockBit has stolen 15 terabytes of data from the housing agency.
Screenshots posted by the cybercriminals suggest the data includes the personal details of people who sought housing assistance from the city, as well as data from the city agency’s payroll, human resources and accountancy files.
In a statement given to TechCrunch, HACLA spokesperson Courtney Gladney declined to comment on specifics, but said that HACLA is experiencing “a cyber event” that resulted in “disruption” to the agency’s systems.
“We are working diligently with third-party specialists to investigate the source of this disruption, confirm its impact on our systems, and to restore full functionality securely to our environment as soon as possible,” the spokesperson said. “We remain committed to providing quality work as we continue to resolve this issue.”
At the time of publication, HACLA’s website appears to be operational but has not yet publicly acknowledged the cyber incident on its website or social media.
LockBit’s claimed attack on HACLA marks the second major cyberattack on a Los Angeles city agency in recent months. In September, the Los Angeles Unified School District — the second-largest school district in the U.S. — was hit by the Russian-speaking Vice Society ransomware group. The gang later published hundreds of gigabytes of data stolen during the attack, including passport details, Social Security numbers, health information and psychological assessments of students.
LockBit, meanwhile, is one of the more prolific ransomware gangs, with claimed attacks on tech manufacturer Foxconn, U.K. health service vendor Advanced and IT giant Accenture. In November, a dual Canadian-Russian citizen was charged for their alleged participation with the ransomware gang.
A notable development for the fraught issue of cross-border data flows from the Organisation for Economic Co-operation and Development (OECD) Wednesday: After two years of closed-door discussions, the intergovernmental organization has adopted a declaration on government access to data held by private sector entities. The declaration, which has been adopted by the 38 OECD countries […]
e new year has kicked off with some hefty security updates released by the likes of Apple, Google, and Microsoft. January has been a busy time for enterprise patches too, with SAP, VMWare, and Oracle among those issuing security fixes during the month. Here’s everything you need to know about the security fixes released in […]
LastPass’ parent company GoTo — formerly LogMeIn — has confirmed that cybercriminals stole customers’ encrypted backups during a recent breach of its systems. The breach was first confirmed by LastPass on November 30. At the time, LastPass chief executive Karim Toubba said an “unauthorized party” had gained access to some customers’ information stored in a third-party cloud service shared […]
Leave a Reply