The LockBit ransomware group attacked the Housing Authority of the City of Los Angeles (HACLA) online and stole more than 15 terabytes of agency data.
After being targeted by the attack and having its data taken in the attack exposed, the HACLA is issuing a "data security event" alert, Bleeping Computer writes.
The HACLA Is Notifying Individuals Of The Attack's Possible Impact
The HACLA is a state-chartered organization that offers low-income individuals and families in Los Angeles, California, affordable housing.
The governmental agency, which has a $1 billion annual budget, also offers job training and education to assist qualified families in becoming self-sufficient and enhancing their quality of life.
The HACLA noticed that computer systems on its network had been encrypted, which prompted the agency's IT team to shut down all servers and initiate an investigation, according to the data breach notice.
On February 13, 2023, the results of the investigation into the incident were released, showing that between January 15 and December 31 last year, hackers had illegal access to systems.
The ransomware gang LockBit, which took credit for the HACLA cyberattack in a post on the dark web, claimed to have stolen files from the public housing agency, Government Technology reports.
According to the server logs that were analyzed, the following data belonged to the HACLA members and may have been accessed by the hackers:
Full name
Social Security Number (SSN)
Date of birth
Passport number
Driver's license
State ID number
Tax ID number
Military ID number
Government-issued ID number
Credit/debit card number
Financial account number
Health insurance information
Medical information
The impacted parties have received postal notifications from the HACLA with information on how to keep an eye on their accounts, set up fraud alerts, and report incidents of identity theft to the police.
Read More: LockBit Ransomware Group Takes Responsibility Of Recent Royal Mail Attack
The Notorious LockBit Gang Claims the HACLA As Victim
The LockBit 3.0 ransomware gang, one of the most well-known and active RaaS (ransomware-as-a-service) operations, claimed responsibility for the attack on the HACLA.
On December 31, 2022, the threat actors posted samples of the files they claimed to have stolen from HACLA's network.
A January 12 deadline and that "all available data will be revealed," suggesting that those behind the attack have made a ransom demand, albeit the sum was not divulged.
On January 27, they followed up with a threat to publish all of the materials, a report by Government Technology states.
This suggests that the negotiations for the ransom payment have broken down and that the government organization has refused to accede to the demands of the cybercriminals.
It is notable that as of press time, the download link on LockBit, an extortion website no longer functions, however.
This happened roughly a month and a half after the publishing of that material, which slightly lessened the impact of the cyber attack.
According to Bleeping Computer, not even on well-known hacker forums has the stolen data collection been re-distributed.
Related Article: Locomotive Company Wabtec Confirms Cyberattack by LockBit Ransomware Group