The Housing Authority of the City of Los Angeles (HACLA) fell victim to a ransomware attack that led to the leak of clients’ sensitive information.
The agency provides affordable housing to low-income individuals and families in Los Angeles, California.
The agency discovered on December 31, 2022, that files on its computer systems were encrypted, prompting the agency to shut down its servers and launch an investigation.
The investigation ended back on February 13, 2023, where HACLA found that hackers infiltrated some of its servers between January 15, 2022, and December 31, 2022.
The hackers might have accessed sensitive information such as full names, social security numbers, birth dates, passport numbers, driver’s license numbers or state identification numbers, tax identification numbers, military identification numbers, government issued identification numbers, credit/debit card numbers, financial account numbers, health insurance information, and medical information of HACLA members.
HACLA has taken steps to implement additional safeguards and review policies and procedures relating to data privacy and security. The agency has also notified affected individuals by mail and reported the security incident to local, state, and federal law enforcement and relevant regulatory agencies.
The LockBit 3.0 ransomware gang claimed responsibility for the attack and attempted to negotiate with the agency but failed to reach an agreement.
To protect against ransomware attacks, individuals should refrain from opening unsolicited emails and attachments and visiting potentially malicious websites.
Having a backup of files offsite, like an external hard drive or the cloud, can make it easy to recover files in case of an attack.
Additionally, keeping security programs updated can help detect and remove ransomware.
