[BreachExchange] Nigerian Allegedly Hacks LA County Accessing Personal Info. for 750, 000 People

Audrey McNeil audrey at riskbasedsecurity.com
Mon Dec 19 18:43:20 EST 2016


http://patch.com/california/pasadena-ca/nigerian-allegedly-hacks-la-county-
accessing-personal-info-750-000-people

County officials Friday announced criminal charges against a Nigerian
national who allegedly waged a phishing e-mail attack that targeted Los
Angeles County employees and potentially affected more than 750,000 people.

"Based on intensive investigation and monitoring, there is no evidence that
confidential information from any members of the public has been released
because of the breach," according to a statement released by Los Angeles
County's Chief Executive Office.

Los Angeles County officials said that 108 county employees were tricked
May 13 into providing their user names and passwords through an e-mail
designed to look legitimate, and that some of the workers had confidential
client or patient information in their e-mail accounts as a result of their
county duties.

County officials learned about the breach the following day and
"immediately implemented strict security measures" and implemented new
controls to minimize the risk of future phishing attacks, authorities said.

"An exhaustive forensic examination by the county has concluded that
approximately 756,000 individuals were potentially impacted through their
contact with the following departments: Assessor, Chief Executive Office,
Children and Family Services, Child Support Services, Health Services,
Human Resources, Internal Services, Mental Health, Probation, Public
Health, Public Library, Public Social Services and Public Works," according
to the statement.

The county "promptly began the notification process" Thursday after an
arrest warrant was issued for Austin Kelvin Onaghinor of Nigeria, and had
delayed notifying potentially affected individuals at the direction of the
Los Angeles County District Attorney's Office to protect the
confidentiality of the investigation, according to the statement.

Onaghinor is charged with one felony count of accessing and using computer
data to commit fraud or to control or obtain money, property or data, along
with eight felony counts of unlawful transfer of identifying information
for identity theft, according to the felony complaint for arrest warrant.

"We're exploring all possibilities to bring him back to Los Angeles," said
Deputy District Attorney Donn Hoffman.

The prosecutor noted that the quality of the phishing e-mails was "very
good" and said the e-mails were "persuasive."

"There certainly are other people involved," Hoffman said. "This kind of
crime really isn't a single-person operation so much."

Hoffman said the investigation is continuing and that he is hopeful others
will be prosecuted.

Los Angeles County District Attorney Jackie Lacey said her office has
"devoted significant resources to developing cutting-edge expertise and
relationships that allow us to hold transnational cyber-criminals
accountable."

"My office will work aggressively to bring this criminal hacker and others
to Los Angeles County where they will be prosecuted to the fullest extent
of the law," Lacey said.

The county noted that it is committed to helping anyone whose personal
information -- including first and last names, dates of birth, Social
Security numbers, driver's license or state identification numbers, payment
card information, bank information, home addresses and phone numbers -- may
have been compromised by the phishing attack

The county is offering free identity monitoring for potentially affected
individuals that includes credit monitoring.

The county has also offered a call station for anyone seeking additional
information about the phishing attack. The call center can be reached
Monday through Friday, between 8 a.m. and 5 p.m. PST at (855) 330-6368.

A website has also been established at https://www.211la.org/important-
notice/.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20161219/07f87248/attachment.html>


More information about the BreachExchange mailing list