Home / Technology / Iranian hackers target California water supply
Iranian hackers target California water supply
19 Jun
Summary
- Iranian group claims to breach California Water Service systems.
- A GPS tool provided an easy entry point for the attackers.
- Customer data and network details were exposed online.
A Tehran-linked cyber threat group known as Handala has asserted responsibility for breaching California Water Service (Cal Water), a significant water utility in the United States. The group claims to have exfiltrated 5GB of data, including customer billing records and network infrastructure details for seven districts. This breach is framed by Handala as a response to recent US military actions against Iran.
Security analysis revealed that the attackers exploited a vulnerable open-source GPS platform, RTKBase, which was accessible via the internet. Administrative credentials for this system were found in plaintext within the leaked data, offering immediate access. This exploitation highlights a pattern of initial data theft preceding potential destructive actions, as observed in a previous incident against Stryker in March 2026.
This incident underscores growing concerns about Iranian cyber threats targeting US water infrastructure, as previously warned by CISA. While Cal Water has not publicly confirmed the breach, affected customers are now at increased risk of phishing attacks due to the exposure of their personal and account information.
