The Housing Authority of the City of Los Angeles (HACLA) is warning of a security incident after it fell victim to a ransomware attack that leaked its clients" sensitive information.
Established in 1938, HACLA is a state-chartered public agency that provides affordable housing to low-income individuals and families in Los Angeles, California. It also provides education and job training to help eligible families achieve self-sufficiency.
According to its data breach notice, HACLA discovered on December 31, 2022 that files on its computer systems were encrypted. This prompted the agency to shut down its servers and launch an investigation. The investigation ended back on February 13, 2023, where HACLA found that hackers infiltrated some of its servers between January 15, 2022 and December 31, 2022.
HACLA believes that hackers might have accessed the following information of HACLA members:
- Full names
- Social Security numbers
- Birthdates
- Passport numbers
- Driver’s license numbers or state identification numbers
- Tax identification numbers
- Military identification numbers
- Government issued identification numbers
- Credit/debit card numbers
- Financial account numbers
- Health insurance information
- Medical information
HACLA has notified affected individuals by mail and reported the security incident to local, state, and federal law enforcement, and relevant regulatory agencies. Finally, the agency says that it is taking steps to implement additional safeguards and review policies and procedures relating to
data privacy and security.
According to a report by BleepingComputer, the HACLA incident was claimed by the LockBit 3.0 ransomware gang, one of the most notorious ransomware-as-a-service operators today. The threat actors uploaded a sample of the files they claim to have stolen from HACLA on December 31, 2022, then followed it up with a threat on January 27, 2023 to leak all files. This means that the LockBit gang tried to negotiate with the agency but failed to reach an agreement.
To protect yourself from ransomware attacks, refrain from opening unsolicited emails and attachments, and visiting potentially malicious websites. Make sure as well that you have a backup of your files offsite like an external hard drive or the cloud so you can easily recover them in case of an attack. Finally, make sure to keep your security programs updated so they can easily detect and remove ransomware.
Source: HACLA, BleepingComputer