FRESNO, Calif. (FOX26) — An Iranian-linked hacker group claiming it had the ability to interfere with California’s water systems did not breach internal networks or operational systems, according to new findings from California Water Service (Cal Water) and cybersecurity investigators.
The company said an independent investigation conducted with cybersecurity firm Mandiant determined that any unauthorized activity was limited to a small number of user accounts tied to third-party service provider platforms. Investigators found no evidence of access to Cal Water’s internal information technology systems or operational water infrastructure.
The update comes after the group known as “Handala” posted what appeared to be a California water customer bill online, claiming it had infiltrated systems serving communities including Bakersfield, Visalia, and Chico.
Water officials previously said there was no evidence the state’s water supply or operational systems were compromised, and the latest findings reinforce that assessment.
[RELATED] Iranian group claims Central Valley water hack; officials cite no evidence of breach
According to Cal Water, the investigation found that a threat actor accessed one active customer’s online account using stolen credentials.
Officials said the account did not provide access to billing systems and no payment information was exposed.
Investigators also confirmed access to an external, third-party website tied to a GPS location correction tool, but said the platform does not contain sensitive or confidential information.
Experts said earlier claims by the hacker group suggested possible access to billing or utility data, but cybersecurity analysts cautioned that such groups often exaggerate their level of intrusion to gain attention.
Sean Malone, chief information security officer, previously said the activity appeared to involve limited access to utility-related business systems and customer information, not control over water infrastructure.
Eric Wojtkun, a former FBI cybersecurity official, said agencies routinely work with utilities to test for vulnerabilities and monitor threats.
“Water is so foundational to our society,” Wojtkun said. “It makes sense for this type of politically motivated, hacktivist adversary that’s looking to generate attention.”
The City of Visalia also reported no operational impacts from the incident, noting that its billing systems are separate from water service infrastructure.
State and federal officials, including Rep. Vince Fong and Sen. Melissa Hurtado, have called for continued vigilance and stronger protections for critical infrastructure systems.
Cal Water said it continues to work with cybersecurity partners and government agencies to monitor threats and protect customer data.
Click Here For The Original Source.
