Los Angeles — City Attorney Hack Unleashes 7.7 Terabytes of Sensitive LAPD Records

Sharing is caring!

337,000 Files Surface Online in Stunning Exposure (Image Credits: Unsplash)

Los Angeles – Hackers breached a third-party digital storage system at the Los Angeles City Attorney’s Office, exposing a massive trove of sensitive Los Angeles Police Department records. The incident, detected in late March, resulted in more than 337,000 files totaling 7.7 terabytes becoming available online.[1][2] Officials confirmed the data included personnel details and investigative materials from closed civil litigation cases. The breach has sparked concerns over privacy and security in government data handling.

337,000 Files Surface Online in Stunning Exposure

Security researchers first spotted the leaked files in late March on platforms linked to hacking groups. The data dump included documents rarely seen publicly, such as unredacted internal affairs reports and witness interviews.[1] Hackers from the World Leaks extortion gang, a rebrand of the Hunters International group, posted the materials to pressure victims.[2]

Links to the files circulated on social media, including X, before some platforms removed them. The breach stemmed from unauthorized access to a tool the City Attorney’s Office used for sharing discovery materials with opposing counsel. No LAPD networks faced direct compromise, but the storage held critical case files from settled lawsuits.[3]

Contents Reveal Deep Dive into Police Operations

The leaked archive contained officer personnel files, disciplinary histories, and medical information. Discovery documents featured witness names, health details, and unredacted criminal complaints from prior investigations.[4] Internal affairs probes, often sealed under California law, appeared alongside materials from civil suits alleging misconduct.

One example involved a 2022 lawsuit claiming sexual assault by an LAPD officer, settled conditionally just before trial. Such records typically underwent heavy redaction before release. The sheer volume underscored vulnerabilities in third-party legal tools.

• Officer personnel and disciplinary files
• Internal affairs investigation documents
• Witness identities and medical records
• Unredacted criminal complaints
• Discovery from settled civil cases

Official Reactions and Swift Actions

The LAPD issued a statement on April 7 acknowledging the incident. “LAPD is aware of an incident within the LA City Attorney’s Office, where unauthorized individuals gained access to a digital storage system,” the department said. It emphasized collaboration with the City Attorney’s Office to assess the full scope.[3][4]

Ivor Pine, spokesperson for the City Attorney’s Office, confirmed unauthorized access to a third-party tool. The office secured the application, engaged law enforcement and forensic experts, and ruled out broader system involvement. The Los Angeles Police Protective League criticized delayed notification, learning details through media reports.

Federal authorities joined the probe. The FBI’s Los Angeles office assisted the City Attorney’s investigation alongside city IT specialists. No ransom details emerged publicly.

Ramifications for Privacy and Security

California law deems most police records confidential, making this leak a rare and significant violation. Exposed personal data posed risks to officers’ safety and witnesses’ privacy. Activists highlighted files on accountability cases, while unions feared lawsuits similar to prior data mishaps.

Broader context included recent hacks on LA public agencies, like Metro’s system. The incident exposed reliance on external vendors for sensitive transfers. Officials pledged notifications to affected individuals as required by state rules.

This breach serves as a stark reminder of cybersecurity gaps in legal data sharing. Stronger safeguards could prevent future exposures. What do you think about the implications for public trust in law enforcement data? Tell us in the comments.