"LA Housing Authority Suffers Year-Long Breach"

The Housing Authority of the City of Los Angeles (HACLA) has recently issued a public notice outlining the impact of a ransomware breach first reported at the start of this year.  The public agency, which claims to hold the largest stock of affordable housing in the city, acknowledged a “cyber-event that resulted in disruption to its systems” at the start of January 2023.  The ransomware group LockBit claimed that it had stolen and would publish over 15TB of files from the authority.  In a fresh update, HACLA has now confirmed it discovered encrypted files in its IT environment on December 31, 2022.  The forensic investigation determined there was unauthorized access to certain servers between January 15, 2022, through December 31, 2022.  The HACLA noted that after undertaking a “comprehensive review” of all its data, it finally determined on February 13, 2023, that the impacted systems contained personal information.  While the specific data elements vary for each potentially affected individual, the scope of information potentially involved includes an individual’s name, Social Security number, date of birth, passport number, driver’s license number or state identification number, tax identification number, military identification number, government issued identification number, credit/debit card number, financial account number, health insurance information, and medical information.  The housing agency has informed the relevant authorities and the individuals impacted by the incident.

Infosecurity reports: "LA Housing Authority Suffers Year-Long Breach"