According to sources, L.A. County Department of Mental Health (a Medical organization in California) was hit with a cyber attack. It was first reported on 2024-03-29.

If You're in California, You're at Increased Risk

Specialized Cybersecurity for Critical Infrastructure

Manage your organization’s attack surface with SecuLore’s passive cyber threat detection.

  • Asset Discovery
  • Vulnerability Assessments
  • Risk Prioritization
  • 24/7 Active Threat Detection

  • Continuous Monitoring

Source 1  |  2024-03-29

MFA Bypassed in Cyberattack on L.A. County Department of Mental Health

“The Los Angeles County Department of Mental Health has recently notified the California Attorney General about a breach of an employee’s email account. The email account had multi-factor authentication (MFA) in place; however, MFA was bypassed.“

“The cyber threat actors bypassed MFA using a technique known as push notification spamming, where a user is sent multiple MFA push notifications to their mobile device in the hope that they will eventually respond. The employee did respond, resulting in their email account being compromised.“

“According to the Department of Mental Health, the attack stemmed from a breach at the City of Gardena Police Department (GDP). “GPD’s email exchanges with the Department of Mental Health (DMH) allowed the malicious actor or actors to send an email to a DMH employee and get access to that employee’s Microsoft Office 365 account.” The account contained names, dates of birth, Social Security numbers, addresses, telephone numbers, and medical record numbers.“

Hacking Resources

  • August 14, 2019

    Analyzing the Most Crippling Public Safety Cyber Attacks

  • June 12, 2019

    Why and How Public Safety is Under Cyber Attack

  • March 13, 2019

    Preparing Public Safety for a Cyber Incident Response

  • February 13, 2019

    Hackers Love Your Misconfigured Firewalls

Phishing Resources

Cyber-Protecting Our Nation’s Critical Infrastructure

At SecuLore, our mission is to cyber-protect our nation’s critical infrastructure. Led by experts in 9-1-1 technology, cyberwarfare, and ethical hacking, our team provides the technology, expertise, and training needed to defend customers from increasingly sophisticated cyber threats.