November 1, 2024 at 07:25PM
The Housing Authority of Los Angeles confirmed a cyberattack on its IT network, allegedly linked to the Cactus ransomware gang, which claims to have stolen 891 GB of sensitive files. HACLA hired forensic specialists to investigate while ensuring operational continuity. A prior LockBit attack occurred in 2022, exposing personal data.
### Meeting Takeaways
1. **Cyberattack Confirmation**: The Housing Authority of the City of Los Angeles (HACLA) confirmed a cyberattack on its IT network, attributed to the Cactus ransomware gang.
2. **Investigation and Response**: HACLA has engaged external forensic IT specialists to investigate the breach and manage the situation. Despite the attack, their systems remain operational, and they are committed to serving low-income communities.
3. **Data Theft Claims**: The Cactus ransomware gang claims to have stolen 891 GB of files from HACLA’s network, including sensitive personal information, financial documents, and confidential correspondence.
4. **Lack of Details**: HACLA has not disclosed specifics regarding the detection of the attack, nor whether any sensitive data was exposed or compromised.
5. **Ransomware Background**: The Cactus ransomware group, which emerged in March 2023, has executed numerous double-extortion attacks and has over 260 companies listed on its dark web leak site.
6. **Previous Incidents**: HACLA experienced a prior breach by the LockBit ransomware group, with unauthorized access occurring for nearly a year. This earlier attack resulted in the exposure of sensitive personal information.
7. **LockBit Incident Overview**: The LockBit group leaked the stolen data on January 27, 2023, after HACLA declined to pay the ransom demanded.
8. **Operational Commitment**: HACLA continues to prioritize the delivery of essential services despite these cyber threats, reinforcing their commitment to vulnerable populations.