The Housing Authority of the City of Los Angeles, or HACLA, has confirmed it is investigating a cybersecurity incident shortly after the LockBit ransomware gang claimed responsibility for a cyberattack on the agency.
HACLA, which provides affordable housing to more than 19,000 low-income families across Los Angeles, was added to LockBit’s dark web leak site on December 31. The listing, seen by TechCrunch, claims that LockBit has stolen 15 terabytes of data from the housing agency.
Screenshots posted by the cybercriminals suggest the data includes the personal details of people who sought housing assistance from the city, as well as data from the city agency’s payroll, human resources and accountancy files.
In a statement given to TechCrunch, HACLA spokesperson Courtney Gladney declined to comment on specifics, but said that HACLA is experiencing “a cyber event” that resulted in “disruption” to the agency’s systems.
“We are working diligently with third-party specialists to investigate the source of this disruption, confirm its impact on our systems, and to restore full functionality securely to our environment as soon as possible,” the spokesperson said. “We remain committed to providing quality work as we continue to resolve this issue.”
At the time of publication, HACLA’s website appears to be operational but has not yet publicly acknowledged the cyber incident on its website or social media.
LockBit’s claimed attack on HACLA marks the second major cyberattack on a Los Angeles city agency in recent months. In September, the Los Angeles Unified School District — the second-largest school district in the U.S. — was hit by the Russian-speaking Vice Society ransomware group. The gang later published hundreds of gigabytes of data stolen during the attack, including passport details, Social Security numbers, health information and psychological assessments of students.
LockBit, meanwhile, is one of the more prolific ransomware gangs, with claimed attacks on tech manufacturer Foxconn, U.K. health service vendor Advanced and IT giant Accenture. In November, a dual Canadian-Russian citizen was charged for their alleged participation with the ransomware gang.
Showing that there’s real investor enthusiasm for identity management platforms, Saviynt, which enables companies to secure apps, data and infrastructure in a single platform, today announced that it raised $205 million in debt from AB Private Credit Investors’ Tech Capital Solutions group. Founder Sachin Nayyar, who returned to Saviynt as CEO this week alongside newly appointed […]
Reddit has confirmed hackers accessed internal documents and source code following a “highly-targeted” phishing attack. A post by Reddit CTO Christopher Slowe, or KeyserSosa, explained that on February 5 the company became aware of the “sophisticated” attack targeting Reddit employees. He says that an as-yet-unidentified attacker sent “plausible-sounding prompts,” which redirected employees to a website masquerading as Reddit’s […]
Many believe the key to keeping networks and data secure lies in watertight identity and log-in management, but what happens when you are using a variety of apps, platforms, and a hybrid of cloud and other servers and networks that cannot be used with the same ID management tool? A startup called Strata Identity working in the […]
Leave a Reply