LA Housing Authority targeted in alleged ransomware

The City of Los Angeles Housing Authority was assessing the damage on Tuesday from an apparent attack by hackers who are threatening to release a vast store of agency data they claim to have seized.

The breach surfaced on Saturday when individuals who deploy the malware known as LockBit posted screenshots depicting what they claimed was 15 terabytes of data they had seized.

HACLA officials did not provide Tuesday afternoon updates to their Monday evening statement that referred to a “cyberevent.”

“We are working diligently with third-party specialists to investigate the source of this disruption, confirm its impact on our systems, and restore full functionality to our environment as soon as possible safely,” the statement said. “We remain committed to delivering quality work as we continue to address this issue.

HACLA media and marketing specialist Courtney Gladney told City News Service that the agency reported the attack to federal law enforcement, but declined to say whether a ransom demand was made. .

A Times review of publicly available information on LockBit’s dark web site found what appeared to be a HACLA bank statement and list of records. The group said on the website that information would be released on January 12 if a ransom was not paid. The LockBit site claimed that the group had obtained more than 15TB of files. The folder names suggested a wide range of data from the sensitive to the mundane – from payroll, audits and taxes to a 2021 holiday video.

The size of the data set and the folder structure suggested that the attack targeted a shared file storage system and not a single machine.

LockBit has been described as “one of the most active and destructive ransomware variants in the world” in a criminal complaint filed by the Department of Justice against an alleged participant.

The complaint claimed that LockBit members had demanded more than $100 million in ransom demands since January 2020, successfully extracting “tens of millions” from victims.

A similar attack on the Los Angeles Unified School District by hacker group Vice Society resulted in the release of thousands of files last fall when the school district refused to pay.

The attack cut staff and students off from email and disabled the systems teachers use to post lessons and take attendance.

LA Unified does not collect social security numbers from students, and officials said no employee databases storing payroll, banking, social security or medical information were searched, but some contractors working in the facilities division were not so lucky.

“By shutting down all systems, we were able to stop the spread of this event…limiting its potential damage,” the superintendent said. said Alberto Carvalho. “It was the right call at the right time.”

Lately, hackers have targeted businesses and public bodies, including schools, for ransom or just to cause chaos. A notable local attack targeted the Newhall school system in 2020.

HACLA is one of the largest and most important public housing authorities in the country. HACLA provides affordable housing to over 83,000 households through its public housing and Section 8 rental assistance programs, and offers a range of permanent supportive housing programs for homeless households .