The Housing Authority of the City of Los Angeles, or HACLA, has confirmed it is investigating a cybersecurity incident shortly after the LockBit ransomware gang claimed responsibility for a cyberattack on the agency.
HACLA, which provides affordable housing to more than 19,000 low-income families across Los Angeles, was added to LockBit’s dark web leak site on December 31. The listing, seen by TechCrunch, claims that LockBit has stolen 15 terabytes of data from the housing agency.
Screenshots posted by the cybercriminals suggest the data includes the personal details of people who sought housing assistance from the city, as well as data from the city agency’s payroll, human resources and accountancy files.
In a statement given to TechCrunch, HACLA spokesperson Courtney Gladney declined to comment on specifics, but said that HACLA is experiencing “a cyber event” that resulted in “disruption” to the agency’s systems.
“We are working diligently with third-party specialists to investigate the source of this disruption, confirm its impact on our systems, and to restore full functionality securely to our environment as soon as possible,” the spokesperson said. “We remain committed to providing quality work as we continue to resolve this issue.”
At the time of publication, HACLA’s website appears to be operational but has not yet publicly acknowledged the cyber incident on its website or social media.
LockBit’s claimed attack on HACLA marks the second major cyberattack on a Los Angeles city agency in recent months. In September, the Los Angeles Unified School District — the second-largest school district in the U.S. — was hit by the Russian-speaking Vice Society ransomware group. The gang later published hundreds of gigabytes of data stolen during the attack, including passport details, Social Security numbers, health information and psychological assessments of students.
LockBit, meanwhile, is one of the more prolific ransomware gangs, with claimed attacks on tech manufacturer Foxconn, U.K. health service vendor Advanced and IT giant Accenture. In November, a dual Canadian-Russian citizen was charged for their alleged participation with the ransomware gang.
CircleCI, a company whose development products are popular with software engineers, has urged users to rotate their secrets following a breach of the company’s systems. The San Francisco–headquartered DevOps company said in an advisory published late Wednesday that it is currently investigating the security incident — its most recent in recent years. “We wanted to make you […]
Google’s cell network provider Google Fi has confirmed a data breach, likely related to the recent security incident at T-Mobile, which allowed hackers to steal millions of customers’ information. In an email sent to customers on Monday, obtained by TechCrunch, Google said that the primary network provider for Google Fi recently informed the company that there had been suspicious […]
This holiday season, consider giving the gift of security with an ad blocker. That’s the takeaway message from an unlikely source — the FBI — which this week issued an alert warning that cybercriminals are using online ads in search results with the ultimate goal of stealing or extorting money from victims. In a pre-holiday […]
Leave a Reply