According to sources, L.A. County Department of Mental Health (a Medical organization in California) was hit with a cyber attack. It was first reported on 2024-03-29.

If You're in California, You're at Increased Risk

Specialized Cybersecurity for Critical Infrastructure

Manage your organization’s attack surface with SecuLore’s passive cyber threat detection.

  • Asset Discovery
  • Vulnerability Assessments
  • Risk Prioritization
  • 24/7 Active Threat Detection

  • Continuous Monitoring

Source 1  |  2024-03-29

MFA Bypassed in Cyberattack on L.A. County Department of Mental Health

“The Los Angeles County Department of Mental Health has recently notified the California Attorney General about a breach of an employee’s email account. The email account had multi-factor authentication (MFA) in place; however, MFA was bypassed.“

“The cyber threat actors bypassed MFA using a technique known as push notification spamming, where a user is sent multiple MFA push notifications to their mobile device in the hope that they will eventually respond. The employee did respond, resulting in their email account being compromised.“

“According to the Department of Mental Health, the attack stemmed from a breach at the City of Gardena Police Department (GDP). “GPD’s email exchanges with the Department of Mental Health (DMH) allowed the malicious actor or actors to send an email to a DMH employee and get access to that employee’s Microsoft Office 365 account.” The account contained names, dates of birth, Social Security numbers, addresses, telephone numbers, and medical record numbers.“

Hacking Resources

  • May 9, 2018

    Secure Communications: The Hacker’s Dream

  • February 14, 2018

    Your Secret Admirers: Hackers Love Your DNS

  • July 26, 2017

    How Hackers Infiltrate Our Public Safety Infrastructure

  • April 10, 2019

    The Seven Most Important Public Safety Cyber Policies

Phishing Resources

Cyber-Protecting Our Nation’s Critical Infrastructure

At SecuLore, our mission is to cyber-protect our nation’s critical infrastructure. Led by experts in 9-1-1 technology, cyberwarfare, and ethical hacking, our team provides the technology, expertise, and training needed to defend customers from increasingly sophisticated cyber threats.