The Housing Authority of the City of Los Angeles, or HACLA, has confirmed it is investigating a cybersecurity incident shortly after the LockBit ransomware gang claimed responsibility for a cyberattack on the agency.
HACLA, which provides affordable housing to more than 19,000 low-income families across Los Angeles, was added to LockBit’s dark web leak site on December 31. The listing, seen by TechCrunch, claims that LockBit has stolen 15 terabytes of data from the housing agency.
Screenshots posted by the cybercriminals suggest the data includes the personal details of people who sought housing assistance from the city, as well as data from the city agency’s payroll, human resources and accountancy files.
In a statement given to TechCrunch, HACLA spokesperson Courtney Gladney declined to comment on specifics, but said that HACLA is experiencing “a cyber event” that resulted in “disruption” to the agency’s systems.
“We are working diligently with third-party specialists to investigate the source of this disruption, confirm its impact on our systems, and to restore full functionality securely to our environment as soon as possible,” the spokesperson said. “We remain committed to providing quality work as we continue to resolve this issue.”
At the time of publication, HACLA’s website appears to be operational but has not yet publicly acknowledged the cyber incident on its website or social media.
LockBit’s claimed attack on HACLA marks the second major cyberattack on a Los Angeles city agency in recent months. In September, the Los Angeles Unified School District — the second-largest school district in the U.S. — was hit by the Russian-speaking Vice Society ransomware group. The gang later published hundreds of gigabytes of data stolen during the attack, including passport details, Social Security numbers, health information and psychological assessments of students.
LockBit, meanwhile, is one of the more prolific ransomware gangs, with claimed attacks on tech manufacturer Foxconn, U.K. health service vendor Advanced and IT giant Accenture. In November, a dual Canadian-Russian citizen was charged for their alleged participation with the ransomware gang.
A recent study finds that software engineers who use code-generating AI systems are more likely to cause security vulnerabilities in the apps they develop. The paper, co-authored by a team of researchers affiliated with Stanford, highlights the potential pitfalls of code-generating systems as vendors like GitHub start marketing them in earnest. “Code-generating systems are currently […]
WhatsApp is rolling out a picture-in-picture feature for its iOS app with its latest update. This allows users to access WhatsApp or other apps without shutting out the video feed on the call. The company rolled out this feature with the 23.3.77 version of its iOS app. Until now, if you switched to another app […]
Twitter finally broke its silence over the first security incident of the Musk era: an alleged data breach that exposed the contact information of millions of users In late December, a poster on a popular cybercrime forum claimed to have scraped the email addresses and phone numbers of 400 million Twitter users by way of a zero-day security […]
Leave a Reply