LA housing authority confirms breach claimed by Cactus ransomware

The Housing Authority of the Metropolis of Los Angeles (HACLA), one of many largest public housing authorities in america, confirmed {that a} cyberattack hit its IT community after current breach claims from the Cactus ransomware gang.

HACLA supplies reasonably priced public housing and help applications to low-income households, kids, and seniors in Los Angeles, California. As a state-chartered public company, it administers over 32,000 public housing models on an annual finances of over $1 billion.

“We’ve been by affected an attack on our IT network. As soon as we became aware of this, we hired external forensic IT specialists to help us investigate and respond appropriately,” a HACLA spokesperson instructed BleepingComputer.

“Our systems remain operational, we’re taking expert advice, and we remain committed to delivering important services for low income and vulnerable people in Los Angeles.”

The group has but to reveal when the assault was detected and if any delicate knowledge was uncovered or stolen in the course of the incident.

Whereas HACLA did not reveal the character of the cyberattack, the Cactus ransomware gang has claimed the breach, saying it allegedly stole 891 GB of recordsdata from the compromised community.

Cactus claims this stolen knowledge consists of “personal Identifiable Information, actual database backups, financial documents, executivesemployees personal data, customer personal information, corporate confidential data and correspondence,” and has already printed some screenshots of delicate paperwork on its leak website as proof.

The ransomware gang has additionally uploaded an archive containing allegedly stolen recordsdata to show their claims.

HACLA Cactus ransomware entry
HACLA Cactus ransomware entry (BleepingComputer)

Cactus ransomware surfaced in March 2023 with double-extortion assaults and has since added over 260 firms to its darkish net knowledge leak website.

Its operators breach company networks in partnerships with varied malware distributors, utilizing bought credentials, phishing assaults, or exploiting safety vulnerabilities of their targets’ Web-exposed programs.

HACLA was additionally breached by the LockBit ransomware gang two years in the past, because the group disclosed in March 2023.

The info breach discover revealed that the attackers had entry to HACLA’s programs for a whole yr, between January 15, 2022, and December 31, 2022.

Earlier than encrypting gadgets on the breached community on December 31, 2022, the attackers had entry to HACLA members’ delicate private data, together with (however not restricted to) names, social safety numbers, contact data, driver’s licenses, bank card and monetary account numbers, in addition to their medical insurance and medical data.

The LockBit ransomware group leaked all stolen recordsdata on January 27, 2023, after the federal government company refused to pay the ransom demanded by the cybercriminals.

Recent articles

China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Marketing campaign

î ‚Nov 22, 2024î „Ravie LakshmananCyber Espionage / Malware A China-linked nation-state...

APT-Ok-47 Makes use of Hajj-Themed Lures to Ship Superior Asyncshell Malware

î ‚Nov 22, 2024î „Ravie LakshmananCyber Assault / Malware The risk actor...