Charges have been brought against a suspect for launching a phishing attack that potentially made personal information of more than 750,000 individuals vulnerable.
In May of this year, more than 100 Los Angeles County employees fell prey to a phishing scam, revealing user names and passwords that have since been used to potentially disclose personal information of approximately 756,000 individuals who had done business with county departments, officials said.
Charges have been brought by the L.A. County District Attorney's office against Kelvin Onaghinor for launching the cyberattack.
“My office has devoted significant resources to developing cutting-edge expertise and relationships that allow us to hold transnational cybercriminals accountable,” said District Attorney Jackie Lacey in a news release.
Onaghinor is facing a felony complaint for arrest warrant with nine counts including unauthorized computer access and identity theft. Although there has been no confirmation that personal records and information have been accessed according to reports, county officials have been notifying potential victims that their personal information was exposed and might have been compromised since Thursday, Dec. 15.
Social Security numbers, names, dates of birth and other personally identifying pieces of data were among the types of information that have been rendered vulnerable now. The county is offering free identity monitoring services for those who may have been exposed.
Cyberattacks are becoming increasingly common, with the Russian hack on DNC email, a Russian-launched phishing scam that released hundreds of thousands of emails from Hillary Clinton’s campaign chair John Podesta, and the Chinese hack on the Office of Personnel Management last year.