LA Metro Breach Linked to Iranian Hackers, Cybersecurity Researchers Claim

LOS ANGELES, May 26: Iranian hackers were responsible for a cyberattack that disrupted parts of Los Angeles’ public transit system earlier this year and forced sections of its network offline, cybersecurity firm Gambit Security said Tuesday, according to Reuters.

The Tel Aviv-based cybersecurity company said the hackers breached systems belonging to the Los Angeles County Metropolitan Transportation Authority during a March attack and allegedly stole at least 700 gigabytes of data, including emails, backups and internal files.

According to Gambit Security, the stolen information was later inadvertently exposed online, allowing researchers to trace the server infrastructure to a hacking operation previously linked to Iran by Israeli officials and cybersecurity researchers.

The March cyberattack caused disruptions across parts of the Los Angeles transit network, prompting authorities to temporarily take some systems offline as a precaution while investigations and containment efforts were carried out.

The cybersecurity firm said its analysis connected the breach to a broader Iranian-linked hacking campaign targeting foreign infrastructure and institutions.

Iran’s mission to the United Nations did not respond to Reuters’ requests for comment regarding the allegations.

The incident adds to growing concerns among Western security agencies over cyberattacks targeting transportation networks, public infrastructure and government-linked systems amid escalating geopolitical tensions.