LA Metro Cyberattack Linked to Iranian State-Sponsored Hackers
The attack was claimed by a hacktivist group, but evidence showed it used infrastructure linked to Iranian government threat actors. The post LA Metro Cyberattack Linked to Iranian State-Sponsored Hackers appeared first on SecurityWeek.
The recent disruptive cyberattack that targeted the Los Angeles public transportation system has been linked to the Iranian government.
The Los Angeles County Metropolitan Transportation Authority (LACMTA), widely known as LA Metro, discovered a breach in mid-March. The cybersecurity incident led to internal operational disruptions at LA Metro, but did not impact rail and bus services.
LA Metro representatives said in early April that hundreds of servers had to be checked for signs of compromise before they could be brought back online.
Source: https://www.securityweek.com/la-metro-cyberattack-linked-to-iranian-state-sponsored-hackers/
Related breach coverage
- Admins of Bulletproof Hosting Service Used by Russian Hackers Arrested in Netherlands2026-05-26
The two own Dutch companies that allegedly provided bulletproof hosting services to Russia-aligned threat actors. The post Admins of Bulletproof Hosting Service Used by Russian Hackers Arrested in Netherlands appeared first on SecurityWeek.
- Russian Spies Are Aggressively Seeking Western Technology as Sanctions Bite, Officials Say2026-05-30
Moscow’s agents are building fake companies, recruiting middlemen and deploying cyber spies and hackers who gather information that could be used to attack key infrastructure. The post Russian Spies Are Aggressively Seeking Western Technology as Sanctions Bite, Officials Say appeared first on SecurityWeek.
- Grafana Confirms Breach After Hackers Claim They Stole Data2026-05-18
Grafana appears to have been targeted by Coinbase Cartel, a cybercrime group linked to ShinyHunters, Scattered Spider, and Lapsus$. The post Grafana Confirms Breach After Hackers Claim They Stole Data appeared first on SecurityWeek.
- Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs2026-06-03
Threat actors are exploiting vulnerable Kirki and Burst Statistics deployments to elevate privileges and take over websites. The post Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs appeared first on SecurityWeek.