Los Angeles Housing Authority Hit By Cyber Ransom Attack

The Los Angeles Housing Authority recently announced that it had been attacked by an apparent cyberattack. According to a major tech industry website, the hackers have given the organization a deadline to reply.

On December 31, the hacker team Lockbit claimed responsibility for a ransomware attack by publishing screenshots of allegedly stolen 15 gigabytes of data stored in HACLA databases.

They’ve stated that if their pay demands are not met, they’ll expose the material on the dark web on January 12. The local agency called the case a “cyber event” in a statement, but it didn’t elaborate on the details of the attack or the potential data breaches.

Neither HACLA’s website nor its social media accounts have made any official statement about the cyber incident.

The public housing organization in the city, HACLA, has a capital of more than $1 billion. The data breach wasn’t immediately disclosed to the California Department of Justice, which keeps a public database of breaches.

The City’s Housing Authority oversees public housing buildings and other rental assistance programs, gathering personal and financial data from thousands of individuals who are eligible for or want housing assistance.

The housing authority manages over 6,300 public housing units where residents can use the HACLA online payment portal to pay rent using a bank account or credit card information.

The size of the data set and the folder structure showed that the attack was directed at a shared file storage system rather than a single machine. Furthermore, whether HACLA plans to comply with LockBit’s ransomware demands is unknown.

Security agencies worldwide warn against paying ransom to hackers, and enterprises targeted by ransomware operators prefer not to pay any ransom because it doesn’t promise their data will be released.

This arrest is the result of over two-and-a-half years of investigation into the LockBit ransomware group, which has harmed victims in the United States and around the world.Deputy Attorney General Lisa O. Monaco

In a criminal complaint by the Department of Justice against an accused participant, LockBit was referred to as one of the world’s most active and devastating ransomware variations.

Meanwhile, Mikhail Vasiliev, a dual citizen of Russia and Canada, has been arrested for his alleged participation in LockBit’s activities.

According to the complaint, LockBit members have demanded over $100 million in ransom since January 2020 and have successfully collected “tens of millions” from victims.

LockBit’s Recent Victims

It isn’t the only local housing authority targeted by ransomware. Hackers have recently gained access to the Indianapolis Housing Agency, the Bremerton Housing Authority in Washington state, and the Cuyahoga Metropolitan Housing Authority in Ohio.

The frequency of ransomware attacks has increased since 2017 despite the U.S. government being more proactive.

In 2022, LockBit expanded beyond governmental institutions. Additionally, it successfully attacked commercial firms like Continental AG and Accenture.

Organizations inside and outside the United States continue to face a serious threat from ransomware.

Recently, the LockBit ransomware team has been highly active, launching threats against the Sick Kids Hospital in Toronto, Canada, and the Port of Lisbon in Portugal. Both incidents happened in December.

According to screenshots shared by the hackers, the information collected included human resources, payroll, and accounting file data for city agencies and the personal information of individuals who requested housing assistance from the city.

Second Major Attack On Los Angeles

Within the previous year, Los Angeles has been the target of several high-profile ransomware attacks.

The second-largest school district in the nation, the Los Angeles Unified School District, was the target of a ransomware attack by the Russian-speaking Vice Society ransomware gang.

The LA Unified School District infamously refused to pay the ransom and mocked the ransomware organization. In the end, the group exposed the data, including identifying information about staff, medical histories, students, and academic performance.

Following public criticism, the school district was compelled to develop a hotline to address the situation.