Overview
- Handala posted a five-gigabyte sample it said was stolen from California Water Service, and researchers say the files include customer billing records and credentials for an internal RTKBase GPS correction/mapping service.
- Dataminr and multiple security firms traced the claimed breach to a June 11 post, after which the sample circulated to researchers who verified names, addresses, phone numbers and payment history in the data.
- Cal Water’s preliminary investigation found no confirmed network compromise or disruption to water or wastewater operations, including its billing platform, and the company continues a formal probe.
- Security experts note Handala has a pattern of mixing real data theft with exaggerated claims and say there is no public evidence the group can remotely shut off water, so its operational threats remain unverified.
- Responders advise immediate rotation of exposed passwords, strict separation of RTK/GNSS and field-mapping systems from corporate networks, and heightened monitoring for follow-on activity that could enable identity fraud or wider intrusions.