A ransomware attack by the WorldLeaks group has compromised the City of Los Angeles and its Metro system, resulting in a shutdown and disruption of station arrival displays1. The attack, which involved unauthorized activity on internal administrative computer systems, prompted Metro to limit access to those systems. This incident is part of a broader wave of ransomware attacks targeting cities in the region, with two Bay Area cities declaring emergencies in response to similar breaches. The WorldLeaks group's attack on Los Angeles has significant implications for the security of critical infrastructure and public services. The fact that the attack was able to disrupt Metro's operations and prompt a shutdown highlights the potential consequences of such breaches. So what matters to practitioners is that this attack demonstrates the need for robust cybersecurity measures to protect against ransomware threats and minimize the risk of disruption to critical services.