California city warns of data breach after ransomware attack claims

A city in California warned residents this week that their data was accessed by hackers who were in government systems for more than a month.

Officials in Victorville — a city of about 135,000 residents two hours northeast from Los Angeles — sent out breach notification letters to people warning that hackers were in their systems from August 12 to September 26.

“We reviewed the files that were accessed and determined that one or more file(s) contained your name and one or more of the following: Social Security number; driver’s license number or state identification card number; medical information, and health insurance policy number,” the city said.

They are offering victims one year of identity protection services. City officials did not respond to requests for comment about the specifics of the incident, but on September 25, they wrote on Facebook that they were dealing with outages affecting phone and website systems.

“This impacts our online bill pay site and online form submittals. No late fees or utility shutoffs will be assessed while the system is down. We apologize for the inconvenience as we work to resolve these issues. If you need assistance, we have set up a number of temporary service lines to receive all inquiries,” they said, urging city residents to pay bills in person if possible.

The city said it was able to restore phone and website services on October 3 but that web-based systems were still not functioning. They never provided another update on the situation.

On Tuesday, the NoEscape ransomware gang added the city to its list of victims, claiming it stole 200GB of data from government systems.

Victorville is located in San Bernardino County, which dealt with its own ransomware attack in April.

The city of #Victorville (@cityofvv) in #California, , has been reportedly #hacked by #NoEscape #ransomware group... pic.twitter.com/uydUB5vtZD

— BetterCyber (@_bettercyber_) October 24, 2023

The attack on Victorville is the latest in a spate of attacks targeting cities across California this year. Oakland, San Francisco, El Cerrito, Modesto and Hayward have all dealt with devastating ransomware attacks that limited government services for weeks and caused a range of issues for local residents.

The NoEscape ransomware gang emerged in May and has pulled off a series of high-profile attacks on prominent institutions. Last month the group attacked the organization tasked with managing the lake and river systems along the border between the U.S. and Canada.

NoEscape hackers have taken credit for attacks on Germany’s bar association and Hawaiʻi Community College as well as Australian companies, a hospital in Belgium, a manufacturing company in the US and another manufacturing company in the Netherlands.