The Housing Authority of the City of Los Angeles (HACLA) has confirmed a cyberattack on its IT network following claims from the Cactus ransomware gang.

HACLA manages public housing and assistance programs for low-income families and seniors, overseeing over 32,000 units on an annual budget exceeding $1 billion.

In response to the attack, HACLA has engaged external forensic experts to investigate, though details on the timing of the breach and potential data exposure remain undisclosed. HACLA has reassured the public that systems are operational and efforts are underway to protect services for vulnerable residents.

The Cactus ransomware gang has claimed responsibility, alleging it stole 891 GB of data, including personally identifiable information, financial documents, and employee records. Screenshots and archives of sensitive documents have been published on Cactus’s leak site to validate these claims.

Buy Me A Coffee
HACLA Cactus ransomware entry (BleepingComputer)

Cactus, active since March 2023, has targeted over 260 organizations using double-extortion tactics. HACLA has previously faced a ransomware breach: the LockBit gang accessed HACLA’s network from January to December 2022, leaking sensitive member information when the agency declined to pay the ransom.

READ
LiteSpeed Cache Fixes Major Security Flaw Allowing Privilege Escalation on WordPress Sites