This is an archival story that predates current editorial management.
This archival content was written, edited, and published prior to LAist's acquisition by its current owner, Southern California Public Radio ("SCPR"). Content, such as language choice and subject matter, in archival articles therefore may not align with SCPR's current editorial standards. To learn more about those standards and why we make this distinction, please click here.
Nigerian National Allegedly Hacked L.A. County Emails, Exposing Data For More Than 750,000 People
Kelvin Onaghinor, a 37-year-old Nigerian national, has been charged with nine counts that include unauthorized computer access and identity theft, reports The Guardian. Authorities believe he has connection to a hack of L.A. County emails that happened back in May. The hack is believed to have exposed data on more than 750,000 people who've conducted business with county departments.
According to Mashable, authorities are still looking for Onaghinor, and are uncertain if he's on U.S. soil at the moment. Others are also being sought for their possible involvement with the hack.
In a release, the L.A. County District Attorney said that they've filed charges, and that Onaghinor faces nine counts that include unauthorized computer access and identity theft. The office says that Onaghinor had launched a wide-scale email phishing attack on County employees from 15 different departments. The phishing message (which attempted to coerce the receivers into revealing their passwords and login names) was sent to approximately 1,000 email accounts, but, ultimately, only 108 county employee email accounts were affected. Still, the scam may have a far-reaching effect, as it may have tapped into hundreds of thousands of data records.
According to Los Angeles Daily News, the compromised data may pertain to people who have interacted with County departments such as Children and Family Services, Child Support Services, Health Services, Mental Health, Public Health, Public Library, and Public Works, among others.
Ron Pike, a professor in computer information systems at Cal Poly Pomona, told the Daily News that, as we continue to expand our digital capabilities, vulnerabilities are bound to crop up. "The sad reality is, in general, as we want to be robust and flexible and have lots of features in our IT (information technology) systems, we're going to have security failures along with it," said Pike. "It's just a reality. Thankfully, cybersecurity is getting better, but right now isn't a set of perfect solutions."
This announcement comes on the heels of another major phishing scam that was revealed last week. Yahoo announced on Wednesday that, in 2013, a hacking incident had compromised more than 1 billions email accounts, reports the New York Times. Yahoo was embroiled in a similar situation in September, when it disclosed that around 500 million accounts were hacked back in 2014.
And, of course, John Podesta, former chairman of Hillary Clinton's presidential campaign, had his emails dumped onto the public after he'd been the victim of a hack earlier this year. Amazingly, this was all possibly the fault of a typo. As reported at NY Mag, staffers were trying to determine if a phishing email sent to Podesta was a valid message. A staffer, upon reviewing it, sent out a message saying that the email was "legitimate," when he'd actually meant to type "illegitimate."