According to sources, L.A. County Department of Mental Health (a Medical organization in California) was hit with a cyber attack. It was first reported on 2024-03-29.

If You're in California, You're at Increased Risk

Specialized Cybersecurity for Critical Infrastructure

Manage your organization’s attack surface with SecuLore’s passive cyber threat detection.

  • Asset Discovery
  • Vulnerability Assessments
  • Risk Prioritization
  • 24/7 Active Threat Detection

  • Continuous Monitoring

Source 1  |  2024-03-29

MFA Bypassed in Cyberattack on L.A. County Department of Mental Health

“The Los Angeles County Department of Mental Health has recently notified the California Attorney General about a breach of an employee’s email account. The email account had multi-factor authentication (MFA) in place; however, MFA was bypassed.“

“The cyber threat actors bypassed MFA using a technique known as push notification spamming, where a user is sent multiple MFA push notifications to their mobile device in the hope that they will eventually respond. The employee did respond, resulting in their email account being compromised.“

“According to the Department of Mental Health, the attack stemmed from a breach at the City of Gardena Police Department (GDP). “GPD’s email exchanges with the Department of Mental Health (DMH) allowed the malicious actor or actors to send an email to a DMH employee and get access to that employee’s Microsoft Office 365 account.” The account contained names, dates of birth, Social Security numbers, addresses, telephone numbers, and medical record numbers.“

Hacking Resources

  • October 25, 2017

    Hackers Gone Wild: How Cybercriminals Impact 9-1-1 Systems

  • November 11, 2020

    4 Year Anniversary – Twitter TDoS Attack

  • October 14, 2020

    Incidents from the Trenches

  • July 8, 2020

    The Vicious Evolution of Cyber Attacks

Phishing Resources

  • October 10, 2023

    Cybersecurity Awareness Month 2023: Key Takeaways

  • April 12, 2023

    Don’t Get Hooked: Avoiding the Phish

  • November 10, 2021

    Don’t Take the Bait: Phighting the Phish

  • December 13, 2017

    New Insights: The 2016 Thanksgiving Cyber Attack

Cyber-Protecting Our Nation’s Critical Infrastructure

At SecuLore, our mission is to cyber-protect our nation’s critical infrastructure. Led by experts in 9-1-1 technology, cyberwarfare, and ethical hacking, our team provides the technology, expertise, and training needed to defend customers from increasingly sophisticated cyber threats.