Long Beach is latest California city facing cybersecurity incident

The city of Long Beach, California is facing a range of issues due to a cybersecurity incident that was discovered on Tuesday.

The office of the city manager released a statement on Wednesday saying officials within the government were investigating the issue alongside a cybersecurity firm and had contacted the FBI for assistance. Located about 30 minutes south of Los Angeles, the city is home to nearly half a million people.

“Through the initial investigation, the City determined a network security incident occurred,” they said.

“The City’s technology and cybersecurity teams are working diligently to identify the source and scope of the incident, assess potential vulnerabilities, and implement additional security measures, as well as gather recommendations on mitigation, response and recovery plans.”

Officials confirmed that there is “no indication” that police, fire and 911 systems were affected by the attack. The city did not respond to requests for comment about whether they are dealing with a ransomware attack but explained that systems were taken offline “effective immediately during the investigation and potential remediation.”

The municipal website is currently down, replaced by links to the statement, a notice about the attack and phone numbers for critical services.

The city plans to keep systems offline for several days but government email and phone systems will remain available. Other facilities will also remain open during the remediation process.

The statement warns that the public “may experience some delays with systems and services.”

“As this is an ongoing investigation, additional details may emerge as the investigation continues. The City is committed to keeping the public informed of any new developments and potential impacts to public services and to our community,” they said, pledging to provide information through social media sites.

Cities and towns across California have faced a barrage of ransomware attacks in 2023 that have caused widespread damage and data theft.

So far, the governments attacked include:

• Oakland
• Hayward
• Victorville
• San Bernardino County
• San Francisco
• Modesto
• El Cerrito

The state has also seen ransomware attacks on a major pro bono law firm and a California-based company that controls 16 hospitals across the country.

The California’s Public Employees' Retirement System (CalPERS) — the largest public pension fund in the U.S. — was affected by the MOVEit data thefts in June, leaking troves of sensitive data on retirees from the state, public agencies, school districts and retirees of the Judges’ Retirement System and Legislators’ Retirement System.