The Housing Authority of the City of Los Angeles, or HACLA, has confirmed it is investigating a cybersecurity incident shortly after the LockBit ransomware gang claimed responsibility for a cyberattack on the agency.
HACLA, which provides affordable housing to more than 19,000 low-income families across Los Angeles, was added to LockBit’s dark web leak site on December 31. The listing, seen by TechCrunch, claims that LockBit has stolen 15 terabytes of data from the housing agency.
Screenshots posted by the cybercriminals suggest the data includes the personal details of people who sought housing assistance from the city, as well as data from the city agency’s payroll, human resources and accountancy files.
In a statement given to TechCrunch, HACLA spokesperson Courtney Gladney declined to comment on specifics, but said that HACLA is experiencing “a cyber event” that resulted in “disruption” to the agency’s systems.
“We are working diligently with third-party specialists to investigate the source of this disruption, confirm its impact on our systems, and to restore full functionality securely to our environment as soon as possible,” the spokesperson said. “We remain committed to providing quality work as we continue to resolve this issue.”
At the time of publication, HACLA’s website appears to be operational but has not yet publicly acknowledged the cyber incident on its website or social media.
LockBit’s claimed attack on HACLA marks the second major cyberattack on a Los Angeles city agency in recent months. In September, the Los Angeles Unified School District — the second-largest school district in the U.S. — was hit by the Russian-speaking Vice Society ransomware group. The gang later published hundreds of gigabytes of data stolen during the attack, including passport details, Social Security numbers, health information and psychological assessments of students.
LockBit, meanwhile, is one of the more prolific ransomware gangs, with claimed attacks on tech manufacturer Foxconn, U.K. health service vendor Advanced and IT giant Accenture. In November, a dual Canadian-Russian citizen was charged for their alleged participation with the ransomware gang.
Welcome back to This Week in Apps, the weekly TechCrunch series that recaps the latest in mobile OS news, mobile applications and the overall app economy. The app economy in 2023 hit a few snags, as consumer spending last year dropped for the first time by 2% to $167 billion, according to data.ai’s “State of Mobile” report. However, […]
Royal Mail CEO Simon Thompson has confirmed that a cyberattack is to blame for the ongoing disruption at the U.K. postal giant. The admission comes almost a week after Royal Mail first said it was hit by an unspecified “cyber incident” that left the British mail service unable to dispatch items to overseas destinations. “We’ve confirmed that we’ve had a […]
Emerging Indian social media app Slick left an internal database containing users’ personal information, including data of school-going children, publicly exposed to the internet for months. Since at least December 11, a database containing full names, mobile numbers, dates of birth, and profile pictures of Slick users was left online without a password. Bengaluru-based Slick launched in […]
Leave a Reply