HACLA housing authority discloses data breach after LockBit ransomware attack

Recently, the Housing Authority of the City of Los Angeles (HACLA) released a data breach notice following the LockBit ransomware gang listing HACLA on their Tor leak site. The data breach revealed that on Saturday 31st of December 2022, HACLA discovered that computer systems on its network had been encrypted which resulted in them being forced to shut down all servers and launching an investigation that was concluded on Monday 13th of February 2023.

The investigation has revealed that LockBit had unauthorized access to systems between Saturday 15th of January 2022, and Saturday 31st of December 2022. Based on the examined server logs from the investigation, it is believed that the threat actor might have accessed the following information belonging to members of HACLA:

• Full name
• Social Security Number (SSN)
• Date of birth
• Passport number
• Driver’s license
• State ID number
• Tax ID number
• Military ID number
• Government-issued ID number
• Credit/debit card number
• Financial account number
• Health insurance information
• Medical information

HACLA has notified the impacted individuals by mail, which includes instructions on monitoring their accounts, placing fraud alerts, and reporting identity theft incidents to the authorities.