Housing Authority of City of Los Angeles (HACLA) reports ransomware attack, data breach

The Housing Authority of the City of Los Angeles (HACLA) is reporting a data breach following an attack by the Cactus ransomware group.

HACLA, one of the largest public housing authorities in the U.S., serves over 32,000 units and administers a $1 billion budget, providing essential housing support to low-income residents in Los Angeles.

The Cactus ransomware gang claimed responsibility for the breach and alleges they exfiltrated 891 GB of sensitive data. The gang has published screenshots of sensitive documents on its leak site and uploaded an archive of allegedly stolen files as evidence. The exposed data includes:

• Personally Identifiable Information (PII),
• Database backups,
• Financial records,
• Executive and employee personal data,
• Customer information,
• Confidential corporate data and internal correspondence.

HACLA has engaged forensic specialists to investigate, though it has not confirmed the specifics of the data compromised or when the attack was detected. The number of affected individuals is not disclosed.

The breach is HACLA’s second ransomware incident in recent years. Previously, the LockBit ransomware gang compromised HACLA’s network between January and December 2022.