Iranian hackers blamed for breach of Los Angeles transit system that took weeks to recover

1 week ago 12

In Brief

Posted:

8:26 AM PDT · May 26, 2026

One of the archetypal trains unfastened to the nationalist arrives to the Wilshire/Fairfax presumption during the opening of the Metro D Line subway hold successful Los Angeles connected May 8, 2026.

Security researchers accidental a March breach of the Los Angeles transit strategy (LACMTA) was the enactment of Iranian-backed hackers. Israeli startup Gambit Security said successful a report connected Tuesday that the hackers enactment for Iran’s Ministry of Intelligence and State Security (MOIS).

Reuters first wrote astir the Gambit report.

A hacktivist radical calling itself Ababil of Minab claimed responsibility for the earlier hack, saying they stole past deleted information from the LACMTA’s systems. The group’s sanction is simply a notation to the U.S. aerial onslaught connected an Iranian school successful the metropolis of Minab that killed much than 175 people, mostly children.

“They are not a new, standalone hacktivist unit arsenic they claim,” said Gambit.

Ababil of Minab did not respond to a petition for remark erstwhile contacted by TechCrunch.

Gambit said its claims are based connected forensic grounds that ties the radical to a erstwhile Iran-linked campaign, arsenic good arsenic enactment attributed to the MOIS by Israel National Cyber Directorate. Gambit said it investigated different attacks against companies successful Israel, Saudi Arabia, and Turkey.

Contact Us

Do you person much accusation astir Ababil of Minab oregon different Iran-linked hackers and their cyberattacks? From a non-work device, you tin interaction Lorenzo Franceschi-Bicchierai securely connected Signal astatine +1 917 257 1382, oregon via Telegram and Keybase @lorenzofb, oregon email .

If Gambit’s appraisal is correct, Ababil of Minab would beryllium the latest successful a bid of fake hacktivist groups that are moving for the Iranian government. The astir caller illustration is Handala, which earlier this twelvemonth hacked U.S. aesculapian tech elephantine Stryker, wiping thousands of institution systems and worker devices.

Following the Stryker breach, the FBI seized 2 Handala websites, and the U.S. Justice Department accused Iran’s government of being down the hacktivist radical and its attacks.

Iranian-linked hackers person accrued their activities and their claimed hacks aft the U.S. and Israel started bombing Iran earlier this year. In April, a conjugation of U.S. agencies warned that Iranian hackers were targeting American captious infrastructure.

Subscribe for the industry’s biggest tech news