Breach exposes sensitive LAPD files stored in city attorney system

The Los Angeles Police Department on Tuesday announced that hackers gained access to a Los Angeles City Attorney’s Office digital storage system containing sensitive police documents.

The LAPD described the documents as materials that had been turned over in discovery from previously resolved or settled LAPD civil litigation cases.

The hack did not breach any LAPD systems or networks, according to an LAPD press release.

“We take this incident very seriously and are working with the LA City Attorney’s Office to gain access to the impacted files to understand the full scope of the data breach,” the press release said. “LAPD is committed to safeguarding its sensitive personnel and investigative information.”

A statement from a spokesperson for the LA City Attorney’s Office said it became aware of the breach on March 20. The statement said the hackers accessed a “third-party tool used by the City Attorney's Office to transfer discovery to opposing counsel and litigants.” 

“The City Attorney’s Office has confirmed that no other City applications or systems were involved in this incident,” the statement said. “The information was self-contained in this application without any links or access to any department records or systems.”

The office is working with law enforcement and external forensic specialists to investigate the incident and has partnered with the City’s Information Technology Agency (ITA) to review the data involved, the statement said.

“Our investigation is continuing to determine what information was present in the tool and we will take appropriate action to notify any affected parties based on the results of this review,” the statement said.

Under California law, police records are generally considered confidential.

The Los Angeles City Attorney’s Office did not immediately respond to a request for comment.

The LA Times reported that social media posts allegedly featuring information about the stolen material — some of which have since been taken down — revealed there were 7.7 terabytes of data available for download and more than 337,000 files accessed. 

The stolen materials included records containing witness names, medical information, unredacted criminal complaints and investigative files, the LA Times reported.