LA housing authority admits data breach following ransomware attack

News
By
published

HACLA suffers a second data breach in two years

Lock on Laptop Screen
(Image credit: Shutterstock.com) (Image credit: Future)

The Housing Authority of the City of Los Angeles (HACLA) has suffered its second ransomware attack in as many years.

Threat actors known as Cactus added HACLA to its data leak website, claiming to have stolen 891 GB of files from the organization.

The archives reportedly include, "personal Identifiable Information, actual database backups, financial documents, executives\employees personal data, customer personal information, corporate confidential data and correspondence.”

No details

A small sample was posted as proof of the claims, and soon after, HACLA confirmed the news to BleepingComputer, saying it was currently investigating the incident.

"We've been affected by an attack on our IT network. As soon as we became aware of this, we hired external forensic IT specialists to help us investigate and respond appropriately," a HACLA spokesperson told the publication.

"Our systems remain operational, we're taking expert advice, and we remain committed to delivering important services for low income and vulnerable people in Los Angeles."

The company did not share additional details, therefore we don’t know exactly when the breach happened, how the crooks gained access to the network, or if the information about stolen data is accurate. Furthermore, we don’t know who is affected by the breach, and if the stolen data belonged to employees, business partners, or end users.

HACLA is a public agency that provides affordable housing options and supportive services to low-income residents in Los Angeles, as well as families, seniors, and individuals with disabilities who need this type of assistance. It manages public housing, Section 8 vouchers, and various housing programs aimed at addressing homelessness and promoting community stability.

Cactus is a known ransomware group that first emerged almost two years ago. So far, it has breached more than 250 companies, but has been keeping a relatively low profile lately.

Via BleepingComputer

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.