On June 11, a cyberattack claimed by an Iranian-linked hacker group targeted California Water Service, accessing one customer’s online account with stolen credentials. The utility’s internal systems and billing infrastructure remained secure, according to the company. Cal Water launched a comprehensive investigation, supported by state and federal agencies and cybersecurity experts, following claims by the group Handala that they had breached systems across California. The investigation revealed unauthorized access was confined to specific user accounts on two third-party service platforms. Mandiant, a cybersecurity firm, confirmed no activity within Cal Water’s internal systems. The breach involved accessing one active customer account without compromising payment information, and a third-party GPS location correction tool website lacking sensitive data. Handala claimed the breach was a warning to the U.S. government after recent air strikes in Sirik, Iran, and stated they chose not to disrupt water supplies in American cities. The group has previously been involved in high-profile incidents, including hacks against FBI Director Kash Patel and medical device company Stryker.
previous post

