More than two dozen employees received an email in December containing malware, but county information technology staff detected and contained it before the exposure of any county resident data.
Los Angeles County confirmed it was the target of a phishing attack last month, which staff detected and contained before it exposed any county resident data.
According to a statement emailed to Government Technology today from the Los Angeles County Chief Executive Office, the county detected malware activity on Dec. 19 from a phishing email — a scam that aims to steal a recipient’s personal information by getting them to click on a link or attachment. The phishing email came from a third party whose account and distribution list had been compromised by an unidentified attacker, and it was sent to more than two dozen county employees.
L.A. County — the most populous in the nation — has more than 40,000 personal computers, 13,000 mobile phones and 800 network locations for its government, according to its website. The Internal Services Department also supports the Countywide Integrated Radio System, which ensures critical services in an emergency.
The county’s emailed statement said the phishing attack did not impact county services.
“Due to the county’s quick response and established security controls, a more serious incident was averted,” said Bill Kehoe, Los Angeles County Chief Information Officer, in the statement. “However, as with all cyber-related incidents, the county will take immediate action to improve the overall security posture of the county.”
The statement added that Los Angeles County is still investigating the incident with help from private security partners.
These attacks are not uncommon in local government, and this was not Los Angeles County's first phishing incident in recent years. In March 2019, a phishing email targeting a Minnesota-based research company that contracts with the L.A. County Department of Health Services led to the exposure of medical information of more than 14,000 patients. In May 2016, a phishing attack directed at more than 100 Los Angeles County employees led to the exposure of Social Security numbers, names, dates of birth, payment card numbers and other personal information of about 756,000 people who had done business with county departments.