The Los Angeles County Chief Executive Office said in a statement that the county detected malware activity on Dec. 19 from a phishing email — a scam that aims to steal a recipient’s personal information by getting the recipient to click on a link or attachment. The phishing email came from a third party whose account and distribution list had been compromised by an unidentified attacker, and it was sent to more than two dozen county employees.
The government of L.A. County — the most populous in the nation — has more than 40,000 personal computers, 13,000 mobile phones and 800 network locations, according to its website. The Internal Services Department also supports the Countywide Integrated Radio System, which ensures critical services in an emergency.
The county said the phishing attack did not affect county services.
“Due to the county’s quick response and established security controls, a more serious incident was averted,” Chief Information Officer Bill Kehoe said in the statement. “However, as with all cyber-related incidents, the county will take immediate action to improve the overall security posture of the county.”
The statement added that Los Angeles County is still investigating the incident with help from private security firms.
These attacks are not uncommon in local government, and this was not Los Angeles County's first phishing incident in recent years. In March 2019, a phishing email targeting a Minnesota-based research company that contracts with the L.A. County Department of Health Services led to the exposure of medical information of more than 14,000 patients. In May 2016, a phishing attack directed at more than 100 Los Angeles County employees led to the exposure of Social Security numbers, names, dates of birth, payment card numbers and other personal information of about 756,000 people who had done business with county departments.