Cal Water Investigates Iranian Hackers' Cybersecurity Threats

Post Views: 1

California Water Service is examining allegations of a cyber intrusion attributed to an Iran-linked group known as Handala, which claimed to have exfiltrated multiple gigabytes of data from the utility’s systems. The utility, a major provider of water services in the U.S., reportedly became a target of the group in response to recent U.S. actions against Iran. Handala, which presents itself as a hacktivist organization but is suspected of being affiliated with Iranian state-sponsored activities, stated it had the capability to disrupt water supply operations but chose not to. Instead, the group released 5 gigabytes of files purportedly stolen from California Water Service, according to an analysis by threat intelligence firm Dataminr. The firm identified that the breach involved a customer billing database and an internal application called RTKBase. California Water did not immediately respond to inquiries when the incident was first reported, but a later statement confirmed ongoing investigations. The utility emphasized that it had activated its cybersecurity protocols upon learning of the claim and was collaborating with government agencies and external experts. Initial assessments suggest no disruptions to water or wastewater systems, including billing functions. As a critical infrastructure entity, the company highlighted its existing security measures designed to safeguard networks and systems from malicious actors. The incident underscores the persistent targeting of water sector organizations, which often face vulnerabilities due to outdated systems and insufficient protective measures.