Snapshot from Jun 25, 2026 at 22:38 UTC. For live data and tracking: View Live
Events / Geopolitical / Iranian Hackers Attacked Los_Angeles Transit
International cyberattack attribution

Iranian Hackers Attacked Los_Angeles Transit

Analysis based on 19 articles · First reported May 26, 2026 · Last updated May 26, 2026

Sentiment
-50
Attention
4
Articles
19
Market Impact
Direct
Live prominence charts, article sentiment distribution, and event development timeline available on the NewsDesk Dashboard
Market Impact

The attribution of the United States — Los Angeles Metro cyberattack to Iran increases geopolitical tensions, potentially leading to further cyber warfare and impacting the cybersecurity industry. Companies like Stryker Corporation and transportation systems face heightened risks, which could lead to increased investment in cybersecurity measures and potentially affect stock prices of targeted entities.

Cybersecurity Transportation Government
Event Summary

Israeli cybersecurity firm Gambit Security has attributed a disruptive cyberattack on the United States — Los Angeles Metro (LACMTA) in March to Iranian hackers, specifically the group Iran — Minab. The attack resulted in the theft of 700 gigabytes of data, including emails and backups, and disrupted some digital systems, though train and bus services continued. Gambit Security's report, based on forensic evidence, links the attack to a known Iranian-backed operation. This incident is part of a broader alleged campaign of cyber operations by Iranian groups since the escalation of conflict between Iran, the United States, and Israel. Other targets claimed by Iran — Minab include South Florida's Tri-Rail, vehicle tracking company Vyncs, Saudi infrastructure firm Unimac, and allegedly organizations in Israel and Turkey. Iranian hackers are also suspected of attacking Stryker Corporation and leaking emails of FBI Director Kash Patel. The United States — Federal Bureau of Investigation is coordinating responses to these incidents, raising concerns about the vulnerability of critical infrastructure to politically motivated cyberattacks.

Key Actions
100 Iran — Minab stole data United States — Los Angeles Metro
90 Iran — Minab disrupted systems United States — Los Angeles Metro
80 Gambit Security published report Iran
70 Iran — Minab claimed credit
60 Iran — Minab attacked Stryker Corporation
50 Iran — Minab leaked emails Kash Patel
Entities Involved
cnt
Iran
Iran is alleged to be behind the cyberattack on the United States — Los Angeles Metro and other entities through the hacking group Iran — Minab, increasing geopolitical tensions and scrutiny on its cyber activities.
Importance 95 Sentiment -80
govactor
United States — Los Angeles Metro
The United States — Los Angeles Metro was the primary target of a cyberattack, resulting in the theft of 700 gigabytes of data and disruption of some digital systems, though train and bus services continued.
Importance 90 Sentiment -70
loc
Iran — Minab
Iran — Minab is the pro-Iran hacking outfit that claimed responsibility for the cyberattack on the United States — Los Angeles Metro and other organizations, acting as an alleged cut-out for Iranian spies.
Importance 85 Sentiment -90
priv
Gambit Security
Gambit Security, an Israeli cybersecurity firm, discovered the exposed data from the United States — Los Angeles Metro breach and published a report attributing the attack to Iranian hackers, enhancing its reputation.
Importance 80 Sentiment 60
cnt
Israel
Israeli researchers and officials, particularly Gambit Security, played a key role in attributing the cyberattack to Iran, highlighting ongoing cyber warfare between Israel and Iran.
Importance 60 Sentiment -20
cnt
United States
The United States, through the FBI and CISA, is investigating the cyberattack on the United States — Los Angeles Metro, which affects its critical infrastructure and is part of a broader alleged Iranian cyber campaign.
Importance 50 Sentiment -10
govactor
United States — Federal Bureau of Investigation
The United States — Federal Bureau of Investigation is aware of the United States — Los Angeles Metro incident and is coordinating with partners in response to the cyberattack.
Importance 40 Sentiment 0
govactor
United States — Cybersecurity and Infrastructure Security Agency
The United States — Cybersecurity and Infrastructure Security Agency is the U.S. civilian cyber defense body that did not return messages seeking comment on the United States — Los Angeles Metro incident.
Importance 30 Sentiment 0
stock
Stryker Corporation
Stryker Corporation, a medical device company, suffered a damaging attack allegedly carried out by Iranian hackers as part of a broader campaign.
Importance 25 Sentiment -40
oth
Tri-Rail
Tri-Rail, a South Florida commuter transit system, confirmed it was hacked by Iran — Minab, though none of the affected data was critical.
Importance 20 Sentiment -30
priv
Vyncs
Vyncs, a vehicle tracking company, detected a breach by Iran — Minab, with the FBI involved in the investigation.
Importance 20 Sentiment -30
oth
Unimac
Unimac, a Saudi infrastructure firm, was also claimed to be hacked by Iran — Minab, but did not return messages seeking comment.
Importance 15 Sentiment -30
per
Kash Patel
Personal emails belonging to Kash Patel, FBI Director, were leaked in an alleged Iranian hacking operation.
Importance 10 Sentiment -20
cnt
Turkey
An insurance brokerage in Turkey was among other organizations allegedly targeted by the hacking group Iran — Minab.
Importance 5 Sentiment 0
NEWSDESK
Track this event live

Set up alerts, explore entity relationships, search across thousands of events, and build custom intelligence feeds.

Open Dashboard

About NewsDesk

NewsDesk is a news intelligence platform that converts raw news articles into structured data. It tracks events, entities, and the relationships between them, with sentiment and attention metrics derived from thousands of articles. Pages on this site are daily static snapshots from the platform's live database. For real-time tracking, search, and alerts, the full dashboard is at app.newsdesk.dev.