Los Angeles County appears to be the latest victim of a wide-reaching email hack.
Around 756,000 people who had business with county departments may have had their personal information or confidential health data exposed through the breach, officials said.
The L.A. County District Attorney has filed criminal charges against a Nigerian national accused of launching the phishing attack on county employees, the D.A.’s office said Dec. 16.
Kelvin Onaghinor faces nine counts, including identify theft and unauthorized computer access, although he hasn’t yet been arrested. Officials said they aren’t even sure if he is on U.S. soil.
The Los Angeles hack joins an ever-crowing list of cyberattacks hitting institutions big and small.
Yahoo last week said it found evidence of a massive hack from 2013 that compromised the personal information of more than billion of the site’s users. The company said the breach was likely separate from a late-2014 attack that affected more than 500 million accounts and may have been the work of a “state-sponsored actor.”
Weeks before the U.S. elections, hackers released thousands of emails from the inbox of John Podesta, who chaired Hillary Clinton’s presidential campaign and was the apparent victim of an email phishing ploy.
And in Madison County, Indiana, where the stakes were drastically lower, hackers broke into the county government’s website and held critical information hostage. County commissioners last month said they would pay a ransom to the cyber thieves to retrieve the stolen data, the Herald Bulletin newspaper reported.
At North Carolina State University in Raleigh, officials in July said an email account containing the personal data of about 38,000 people was illegally accessed through a “sophisticated phishing scam.”
The Los Angeles County employees were similarly deceived by an email attack.
The D.A.’s office said 108 employees were tricked into providing their usernames and passwords. Some of those officials had “confidential client/patient information” in their email accounts through their county duties.
The office’s Cyber Crime Division said it is offering free monitoring to people whose information may have been exposed, including credit monitoring.
Onaghinor, the alleged hacker, faces 13 years in California prison if convicted.