Support for LAist comes from
We Explain L.A.
Stay Connected

Share This

Housing and Homelessness

Los Angeles Housing Authority Hit By Ransomware Attack

A teal colored apartment building with white trim. It has a sign in front of it that reads Imperial Courts. Palm trees surround the building.
One of the many multi-family cinderblock apartment houses that make up the Imperial Courts public housing community.
(Housing Authority of the City of Los Angeles)
Before you read more...
Dear reader, we're asking you to help us keep local news available for all. Your tax-deductible financial support keeps our stories free to read, instead of hidden behind paywalls. We believe when reliable local reporting is widely available, the entire community benefits. Thank you for investing in your neighborhood.

Local officials confirmed on Tuesday that the Housing Authority of the City of Los Angeles (HACLA) has been subject to a cyber attack.

The hacker group Lockbit claimed responsibility for a ransomware attack on Dec. 31, posting images of purported HACLA databases containing 15 terabytes worth of stolen data. They said they will publish the data on the dark web on Jan. 12 if their payment demands are not met.

A statement from HACLA acknowledged the incident, calling it a “cyber event that resulted in disruption to our systems.”

“We are working diligently with third-party specialists to investigate the source of this disruption, confirm its impact on our systems, and to restore full functionality securely to our environment as soon as possible,” the HACLA statement said. “We remain committed to providing quality work as we continue to resolve this issue.”

Support for LAist comes from

It’s unclear how HACLA systems were breached and exactly what information was stolen.

It’s not the only local housing authority to find itself subject to a ransomware attack. In recent years, hackers have infiltrated the Indianapolis Housing Agency, the Cuyahoga Metropolitan Housing Authority in Ohio and the Bremerton Housing Authority in Washington state.

What Happens Next

Nick Merrill, a research fellow at the UC Berkeley Center for Long-Term Cybersecurity, believes HACLA is unlikely to cave to the hackers’ payment demands. But he says it’s not surprising that the agency was targeted.

“Lockbit believes that this is going to be a low-cybersecurity resource organization,” Merrill said. In the hackers’ minds, he said, local housing authorities are “not only easy to penetrate, but they are likely to pay because they don't have the capacity to recover from a ransomware attack.”

This is the second major attack on L.A.’s public sector over the past year. The Los Angeles Unified School District was hit by a ransomware attack in September, and students’ personal information was posted in October after school administrators refused to pay.

Thousands Of Angelenos Rely On HACLA

As a key agency in addressing L.A.’s affordable housing crisis, HACLA interacts with thousands of low-income residents across the city.

The housing authority maintains more than 6,300 units of public housing where tenants can pay rent using their bank account or credit card information through HACLA’s online payment portal.

Support for LAist comes from

HACLA also oversees the city’s Section 8 housing voucher program, which provides subsidies to more than 43,700 households renting apartments on the private market. The city’s Section 8 waitlist recently reopened for the first time in five years, and received more than 223,000 applications for vouchers.

UC Berkeley’s Merrill said beyond the personal information that could be exposed in this breach, the attack could further erode trust in government agencies.

“Now HACLA has lost some credibility,” Merrill said. “Defense is about more than people's privacy issues. It's about creating the effect of a predictable and reliable society with services we can depend on.”

What questions do you have about housing in Southern California?