Cyber Incidents in Los Angeles in 2025

cyber incidents in los angeles
Table of Contents

Cyber threats are escalating, presenting serious risks to organizations and institutions in Los Angeles, California. Key sectors such as retail, finance, healthcare, and nonprofits have become frequent targets of data breaches and cyberattacks, exposing sensitive customer information and disrupting critical operations. Notable incidents in recent years, including breaches affecting Stiiizy’s cannabis retail system, Coinbase’s financial platform, and healthcare-related organizations, illustrate the increasing vulnerability of vital infrastructures.

These cyber incidents often stem from phishing schemes, malware intrusions, weak security protocols, and third-party vulnerabilities. The consequences extend beyond data exposure, resulting in financial losses, loss of customer trust, and significant operational setbacks. To defend against these growing threats, organizations in Los Angeles must adopt proactive cybersecurity strategies, such as continuous network monitoring, employee awareness programs, and robust incident response planning, to protect confidential data and reduce the risk of future attacks.

cyber incidents in los angeles in 2025

Stiiizy (Cannabis Retailer)

Between October and November 2024, Stiiizy experienced a data breach resulting from vulnerabilities in a third-party vendor’s system. Hackers accessed highly sensitive customer data, including government-issued identification documents, medical cannabis cards, and detailed transaction histories. This breach compromised the personal information of approximately 380,000 individuals.

The breach’s scope underlines the risks associated with third-party vendor relationships, especially in regulated industries such as cannabis retail. Stiiizy took immediate action by notifying affected customers via official channels and reporting the breach to the California Office of the Attorney General. Additionally, the company implemented advanced security protocols and enhanced encryption measures to prevent recurrence. These efforts demonstrate a commitment to mitigating risk and safeguarding customer privacy in a highly sensitive market.

Coinbase, Inc.

On December 26, 2024, Coinbase, a leading cryptocurrency exchange platform, reported an unauthorized access incident that exposed the personal information of an unspecified number of users. Though the details were disclosed publicly on May 20, 2025, the precise nature of the compromised data remains undisclosed, consistent with the company’s security and privacy policies.

Coinbase responded by alerting affected users and initiating comprehensive security reviews to identify system vulnerabilities. The company strengthened multi-factor authentication and intrusion detection systems as part of its response. This incident highlights the evolving threat landscape for financial technology firms and the critical need for ongoing cybersecurity assessments to protect digital assets and sensitive user data.

Promises2Kids

Promises2Kids, a nonprofit organization, reported a data breach on May 16, 2025, affecting the confidentiality of certain personal information. Specific details regarding the breach remain confidential due to privacy concerns. The organization promptly notified impacted parties and launched an internal investigation to evaluate the extent of the breach and vulnerabilities in their data management systems.

This incident exemplifies the cybersecurity challenges nonprofits face when handling the personal data of vulnerable populations. The organization is working on strengthening its data security infrastructure and training staff to recognize potential cyber threats, aiming to reduce future risks.

HealthEquity, Inc.

HealthEquity disclosed a breach that occurred on March 9, 2024, and was publicly reported on May 16, 2025. This breach compromised the personal health information of an unspecified number of individuals, raising concerns about the security of healthcare-related financial data.

In response, HealthEquity took swift action by securing affected systems and communicating directly with those impacted. The company also reviewed and upgraded its cybersecurity framework, including enhanced access controls and regular system audits. The breach serves as a reminder of the persistent cybersecurity risks within healthcare finance and the importance of ongoing vigilance to protect sensitive information.

How Does Managed Service Provider Help in Reducing Cyber Incidents in Los Angeles?

Managed Service Providers (MSPs) help Los Angeles businesses reduce cyber incidents by offering essential cybersecurity services such as network monitoring, threat detection, and incident response. They proactively identify vulnerabilities and enforce security measures like multi-factor authentication and regular software updates to prevent data breaches.

Captain IT is a trusted MSP in Los Angeles, delivering customized cybersecurity solutions for industries like healthcare, construction, manufacturing, and nonprofits. Our services include 24/7 threat monitoring, managed firewalls, and risk assessments to keep organizations protected offering them peace of mind.

Share this post

"*" indicates required fields

Get a FREE Network & Security Assessment

Submit this form and someone will contact you within 5 minutes. We will never share your information with 3rd party agencies.
Anthony
Anthony Hernandez, CEO of Captain IT, is a Los Angeles native and Cal Poly Pomona graduate with a degree in Computer Information Systems and Business. With a lifelong passion for technology, he has extensive experience as a technician, consultant, and technology director. Before founding Captain IT, Anthony spent seven years building a robust IT infrastructure for Green Dot Public Schools. He combines technical expertise with a commitment to exceptional customer satisfaction.