Posted on January 4, 2023 at 7:23 PM
Hacking group LockBit claims they were the one who hit HACLA with a ransomware attack
Recently, a hacking group called LockBit came out, stating that they conducted a ransomware attack against the HACLA (Housing Authority of the City of Los Angeles). Soon after the statement was made, HACLA confirmed that the attack took place, stating that the matter is currently being investigated.
What happened?
HACLA is the agency that offers affordable housing, currently serving over 19,000 low-income families in the Los Angeles area. Following the attack on the agency, LockBit decided to add it to its leak site on the dark web. HACLA appeared on their list of targeted entities on December 31st, and LockBit added that they now own 15 terabytes of data that was stolen from HACLA.
Cybercriminals also posted several screenshots, which suggest what kind of data was taken. For now, it is known that the data includes the personal details of people who turned to HACLA for housing assistance, but also sensitive information from the agency’s payroll. Apart from that, accountancy and human resources files were also stolen during the incident.
Commenting on the incident, the HACLA spokesperson, Courtney Gladney, said that the specifics cannot be shared as the investigation is still ongoing. However, Gladney did say that HACLA has experienced “ a cyber event.” The event disrupted the agency’s systems, and the agency is dealing with it
The spokesperson added that the agency is collaborating with third-party specialists who are investigating the disruption, trying to find its source, and confirm how big of an impact it might have on its systems. Simultaneously, experts are also looking into methods of restoring the functionality of the system and securing the environment. Finally, the spokesperson concluded by saying that the housing agency remains committed to providing quality work while trying to resolve the problems in the aftermath of the incident.
Since then, HACLA has managed to bring its website back online, but they have yet to acknowledge the incident on the site or social media. This also means that they have not shared any details involving the attack from their perspective, either.
A second major hit in LA in the second half of 2022
However, LockBit did it for them, stating that they were responsible for the hit on HACLA. They also said that this marks a second major attack on an agency based in Los Angeles in the second half of 2022. The first one took place in September when a different ransomware gang hit the second-largest school district in the US — the Los Angeles Unified School District.
This attack was conducted by the Vice Society ransomware group — a gang of Russian-speaking hackers who stole hundreds of GB of data only to later dump it publicly. The stolen data included a lot of sensitive information, including Social Security numbers, passport details, psychological assessments of students, and even health information.
As for LockBit, they also claim responsibility for a number of other high-profile attacks, including a hit on a known tech manufacturer, Foxconn, the IT giant Accenture, and the UK-based health service vendor, Advanced. Another interesting piece of information emerged in November when the authorities charged a dual Canadian-Russian citizen, claiming that the individual was a member of the ransomware gang.
Hackers are expecting a payment
Regarding LockBit’s hit on HACLA, it remains unclear how the hackers managed to breach the system. However, hackers have managed to breach the defenses of other housing authorities in the past, including the Indianapolis Housing Agency, the Bremerton Housing Authority in the state of Washington, as well as the Ohio-based Cuyahoga Metropolitan Housing Authority.
Given that this is a ransomware hit, it is presumed that the hackers are demanding that HACLA pays a certain amount. However, a researcher at the UC Berkley Center for Long-Term Cybersecurity, Nick Merrill, said that it is unlikely that HACLA will cave to the demand. However, he added that it is not surprising that HACLA was targeted. Housing authorities are not difficult to penetrate, but they are likely to pay, as they do not have the capacity to recover from the attack on their own.
Merrill concluded by saying that this will reflect negatively on HACLA’s reputation. He doted that defense is not only about privacy issues of individuals. It is about creating effect of a predictable and reliable society which has services that people can depend on.