Los Angeles County has begun notifying 756,000 individuals that may have had their personal information compromised during a phishing attack on LA County employees in mid-May this year.

The attack occurred on May 13, 2016, when 1,000 LA County employees received phishing emails. Of those employees, 10.8% were successfully phished, leaving many concerned with the large number of impacted victims by such a small phishing success rate.

The County of Los Angeles Chief Executive Office released a statement last Friday claiming the information compromised may have included first and last names, dates of birth, Social Security #’s, driver’s license and state identification numbers, payment information, bank account information, home addresses, phone numbers, and/or medical information.

Those individuals affected by this attack would have been through their contact with the Assessor, Chief Executive Office, Children and Family Services, Child Support Services, Health Services, Human Resources, Internal Services, Mental Health, Probation, Public Health, Public Library, Public Social Services and Public Works.

Even more shocking, it took seven months for the county to disclose the breach to the public. County official took advantage of the exemption from disclosure laws that allows delayed notification if necessary to protect ongoing legal investigations. With support from the District Attorney’s Office, “notification of the potentially affected individuals was delayed to protect the confidentiality of the sensitive, ongoing investigation and prevent broader public harm.”

The LA County DA’s office also announced on Friday that they successfully completed the investigation into this incident and have filed charges against Austin Kelvin Onaghinor, a 37-year-old Nigerian national. Onaghinor is being charged with nine counts including unauthorized computer access and identity theft.

The State of California’s District Attorney General, Kamala D. Harris, released a report, The State of California Data Security Breach Reporting, earlier this year recommending the Center for Internet Security’s CIS Controls as the baseline for implementing reasonable security measures under California law. Furthermore, Harris claimed that “failure to implement all the CIS Controls that apply to an organization’s environment constitutes a lack of reasonable security.”

As one of a handful of CIS Certified Vendors, NNT has access to security configuration benchmarks, software, metrics, and discussion forums where NNT is an essential stakeholder in collaborating on security best practices. We have leveraged these practices and resources in our products to measure and improve the security of our customers.


Read this article on SecurityWeek



The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

Corporate Headquarters

6160 Warren Parkway, Suite 100
Frisco, Texas, 75034

Phone 1: 1-949-407-5125

Phone 2: 888-638-9749 (toll-free)

[email protected]

United Kingdom

5 New Street Square
London EC4A 3TW

Phone: +44 (0) 203 588 3023

 [email protected]
SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2023, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.