Iranian Cyber Group Handala Claims Cal Water Hack

The hackers published 5GB of data, including customer personal information and credentials for the RTKBase platform. The post Iranian Cyber Group Handala Claims Cal Water Hack appeared first on SecurityWeek .

SecurityWeek reports that the Iran-linked Handala cyber group claims to have breached California Water Service (Cal Water), leaking approximately 5GB of data that allegedly includes customer personally identifiable information (PII) and administrative/RTKBase-related credentials.[1][2] These credentials appear to relate to internal operational platforms (e.g., RTKBase NTRIP caster network) and customer billing systems, representing a direct compromise of sensitive data and potentially operational access paths.[1][2] From an AI security standpoint, such leaked PII and system credentials could be repurposed to target any AI-enabled customer portals, billing systems, or field-operations tools (for example, account takeover against AI-assisted customer service agents, or poisoning of data that feeds AI decision-support for infrastructure operations). CyberSE.AI would recommend immediate assessment of where AI or automated decisioning touches these systems, hardening agent/business-logic authentication and authorization paths, and establishing CISO-level governance for handling and monitoring any AI components that consume or expose sensitive operational and customer data.