An Iranian hacker group claims to have accessed California Water Service billing systems, including in Chico — potentially exposing personal information for customers in a district that serves more than 100,000 people locally. Cal Water has not confirmed or denied the breach, but says there are no known disruptions to water or wastewater systems at this time.
CHICO, Calif. – An Iranian hacker group claims it accessed California Water Service systems in cities across the state, including in Chico.
Cal Water says there are no known operational disruptions, but the investigation is still ongoing.
The local Cal Water district serves more than 100,000 people in Chico and Hamilton City. The company serves more than 2 million statewide and holds its customers’ personal information.
“Access to username passwords, billing information, and address,” said Will Caput, a cybersecurity expert.
Multiple news outlets are reporting that the hacker group, Handala, posted what appear to be screenshots of Cal Water bills with Chico addresses to its blog on June 11, claiming to show proof of the hack.
The hackers said the attack was in retaliation after U.S. forces struck 2 reservoirs in Iran. Cal Water says the origins of the original message are unknown, as well as who was behind it.
According to Dataminr, an AI-powered cyber threat intelligence and risk management company, the materials put out by Handala identify Cal Water’s Chico district as a confirmed affected account with transactions and account records indicating access to the customer billing database.
A spokesperson from Cal Water didn’t confirm or deny this but sent a statement.
“Preliminary findings continue to indicate that there are no known operational disruptions to our water and wastewater systems, including the billing platform,” said Yvonne Kingman, a California Water Service spokesperson.
“We are continuing to investigate the cybersecurity incident allegations made on June 11, 2026. We take cybersecurity and this claim very seriously and are working around the clock to investigate. Upon becoming aware of the claim last Thursday, we immediately activated our cybersecurity response plan and launched a robust investigation. We have been working in close collaboration with our state and federal government partners, as well as independent leading external experts. Our investigation remains ongoing, but our preliminary findings continue to indicate that there are no known operational disruptions to our water and wastewater systems, including the billing platform.” Kingman said.
“As a critical infrastructure company, Cal Water maintains a number of cybersecurity, water system security, and water quality assurance measures to help protect our network and systems from malicious actors. We take cybersecurity and the security of our data and systems very seriously, and we will continue to thoroughly investigate this matter and closely collaborate with our federal and state government partners.” Kingman said.
Cal Water would not say whether they notified or plan to notify customers of the alleged hack. They did say they are working with state and federal partners to investigate it.
Caput, a local cybersecurity expert who specializes as an ethical hacker, says those who believe their information may have been compromised can act now to protect themselves.
“For the people that were compromised with their billing information, is just a usual, you know, change your password, and you know, there’s not much else in there that they can get to,” Caput said.
Questions remain around whether hackers were able to gain access to the billing system. No one has indicated that the safety of the actual water has been targeted.
“That would be very dangerous, so there’s layers of security that would prevent that, so far from the intel that I was reading that they have not gained access to any of those. They were actually caught well before that and kicked out,” Caput said.
The hackers also alleged that Visalia and Bakersfield’s water systems were breached.
The full California Water Services statement can be read below in it’s entirety:
“We are continuing to investigate the cybersecurity incident allegations made on June 11, 2026. We take cybersecurity and this claim very seriously and are working around the clock to investigate. Upon becoming aware of the claim last Thursday, we immediately activated our cybersecurity response plan and launched a robust investigation. We have been working in close collaboration with our state and federal government partners, as well as independent leading external experts. Our investigation remains ongoing, but our preliminary findings continue to indicate that there are no known operational disruptions to our water and wastewater systems, including the billing platform.
As a critical infrastructure company, Cal Water maintains a number of cybersecurity, water system security, and water quality assurance measures to help protect our network and systems from malicious actors. We take cybersecurity and the security of our data and systems very seriously, and we will continue to thoroughly investigate this matter and closely collaborate with our federal and state government partners.”
Click Here For The Original Source.
