嗯,用户让我帮忙总结一下这篇文章的内容,控制在一百个字以内,而且不需要用“文章内容总结”或者“这篇文章”这样的开头。直接写描述就行。首先,我需要仔细阅读文章,抓住关键点。 文章主要讲的是WorldLeaks勒索软件团伙攻击了洛杉矶及其地铁系统,导致系统被迫关闭。另外,湾区的两个城市也因为勒索攻击宣布进入紧急状态。洛杉矶地铁的内部系统被未经授权的活动入侵,导致访问受限,车站的到达时间显示也被扰乱了。乘客无法在线或通过客服为TAP卡充值,只能使用售票机。地铁和公交服务正常运行,没有影响到客户或员工的数据。地铁正在继续进行安全检查,并努力恢复全面访问。 在另一个事件中,福斯特市官员表示勒索软件攻击严重扰乱了市政服务,导致领导层宣布进入紧急状态以获得外部支持和资金。紧急服务如911正常运作,但依赖内部系统的许多城市服务仍然不可用。市政厅保持开放但提供有限的服务。 福斯特市在周四早些时候识别出攻击,并迅速将大部分系统脱机以保护网络。官员们正在与独立的网络安全专家合作进行调查和恢复操作。中断影响了数字服务和信息访问,但核心应急响应保持完整。当局表示尚不清楚攻击者是否访问或复制了敏感数据,但警告称公众信息可能已被泄露。作为预防措施,官员们敦促与城市互动过的人更改密码并采取措施保护个人数据。 此外,在2026年3月20日,WorldLeaks勒索软件团伙在其数据泄露网站上添加了洛杉矶市作为受害者名单中的一个。该团伙声称窃取了159.9 GB(779个文件)。WorldLeaks是一个以勒索为目的的网络犯罪集团,通过窃取公司数据来向受害者施压支付赎金,并威胁如果不支付就公开泄露数据。该组织于2025年从 Hunters International 重新品牌而来,后者自2023年以来一直活跃于 ransomware 勒索活动。由于执法压力加大,他们放弃了文件加密,并完全转向数据窃取和勒索,在此之前已有数百名受害者。 所以总结起来的话,WorldLeaks团伙攻击了洛杉矶及其地铁系统和湾区两个城市,导致系统关闭和紧急状态宣布。他们窃取大量数据并威胁公开泄露以勒索赎金。 </think> WorldLeaks 勒索软件团伙攻击洛杉矶及其地铁系统和湾区两个城市, 导致系统关闭和紧急状态宣布, 窃取大量数据并威胁公开泄露以勒索赎金. 2026-3-21 17:34:26 Author: securityaffairs.com(查看原文) 阅读量:8 收藏
WorldLeaks ransomware group breached the City of Los Angels
WorldLeaks group hit Los Angeles and its Metro system, forcing a shutdown, while two Bay Area cities declared emergencies after ransomware attacks.
WorldLeaks group hit Los Angeles and its Metro, forcing a shutdown, while two Bay Area cities declared emergencies after ransomware attacks.
This week, local media reported that an unauthorized activity hit Metro’s internal systems, forcing the agency to limit access and disrupting station arrival displays.
“Unauthorized activity on internal administrative computer systems prompted Metro to limit access to those systems, resulting in station monitors not displaying arrival times, the transit agency announced Thursday.” reported NBC Los Angeles.
Riders face issues adding funds to TAP cards online or via support, so Metro urges them to use ticket machines. Rail and bus services continue to run normally, and no customer or employee data is affected. Metro continues security checks and works to restore full access.
In a separate incident, officials in Foster City said a ransomware attack is widely disrupting municipal services and pushing leaders to declare a state of emergency to secure external support and funding. Emergency services like 911 continue to operate normally, but many city services that rely on internal systems remain unavailable. City Hall stays open with limited services.
The city identified the attack early Thursday and quickly took most systems offline to protect the network. Officials are working with independent cybersecurity experts to investigate and restore operations.
The disruption affects digital services and access to information, while core emergency response remains intact. Authorities say it is still unclear whether attackers accessed or copied sensitive data, but they warn that public information may have been exposed. As a precaution, officials urge anyone who has interacted with the city to change passwords and take steps to protect their personal data.
“Out of an abundance of caution, those who have done business with the City of Foster City are encouraged to change their personal passwords and take measures to protect their personal data,” the city said, as reported by the San Francisco Chronicle.
On March 20, 2026, the WorldLeaks ransomware group added the City of Los Angeles to the list of victims on its data leak site. The ransomware group claimed the theft of 159.9 GB (779 files).
WorldLeaks is an extortion-focused cybercrime group that steals company data to pressure victims into paying, threatening public leaks if they refuse. The group emerged in 2025 after rebranding from Hunters International, a ransomware gang active since 2023. Following increased law-enforcement pressure, it abandoned file encryption and shifted entirely to data theft and extortion, claiming hundreds of victims to date.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Los Angeles)
如有侵权请联系:admin#unsafe.sh