The Oar

California water — and how we see it

Source: sjvwater.org

Iranian-linked hacker group did not access CalWater operational systems, investigation finds

Fetched 2026-06-24 20:12 from sjvwater.org

Full Text

Iranian-linked hacker group did not access CalWater operational systems, investigation finds

A breach of California Water Service systems in Bakersfield, Visalia and Chico by an Iranian-linked hacking group that surfaced June 11 was limited to a one customer account and an external GPS website, according Cal Water spokeswoman Yvonne Kingman.

She wrote in an email that CalWater immediately activated its cybersecurity response plan using Mandiant, a cybersecurity firm that specializes in these types of threats.

“Mandiant did not identify evidence of threat actor activity in Cal Water’s internal information technology or operational technology environments,” Kingman wrote in an email. “The investigation determined that the threat actor accessed one active customer’s online Cal Water account using stolen user credentials.”

The actual billing system wasn’t accessed and no payment information was compromised, she wrote.

Handala, the Iranian group claiming it had breached the systems and could have shut down water service to thousands of customers, did access “…an external, third-party web site related to a GPS location correction tool; however, the website does not contain any confidential or sensitive information,” Kingman wrote.

Handala showed screenshots of a resident’s’s bill, according to several news sites. It also claimed to have five gigabytes of data from the breach on its website, according to Iranian news network Press TV .

In a statement carried by Iran’s state broadcaster, Handala said it could disrupt water service if it wanted but had refrained from doing so as a “warning” to Washington, D.C.

The hack was in retaliation for U.S. strikes that apparently damaged two water storage facilities in southern Iran near the strait of Hormuz.

The hack may not have done serious damage, but Handala’s activities should be looked at as a stepping stone, according to an article on Security Affairs . Those systems weren’t the goal, just an entry point.

“The OT (operational technology) question is the one that should be keeping water utility security teams awake,” the article states.