Summary
Key Points:
- WorldLeaks ransomware group has breached the City of Los Angeles and its Metro system, causing significant disruptions and forcing a shutdown of internal systems.
- The attack has impacted station arrival displays and online services for riders, although core emergency services remain operational. The group claims to have stolen 159.9 GB of data.
- Authorities recommend that individuals who interacted with the affected cities change their passwords and take protective measures for their personal data.
Technical Details: The WorldLeaks group, which rebranded from Hunters International, focuses on data theft and extortion rather than file encryption. They have claimed hundreds of victims since their emergence in 2025.
MITRE ATT&CK Techniques:
- T1486 - Data Encrypted for Impact (Impact)
- T1071.001 - Application Layer Protocol: Web Protocols (Command and Control)
IOCs Mentioned: None mentioned
Join the discussion — sign up to comment, upvote, and save articles.