The disciplinary files of Los Angeles police officers are closely guarded secrets, protected by some of the nation’s strictest confidentiality laws.
But now, many of those secret files have been splashed across the internet, along with tens of thousands of other sensitive records from the L.A. city attorney’s office.
The extent of the data breach is still unclear, and city officials have said they are investigating to find out what was taken, who was responsible and how the city’s cybersecurity was compromised.
A ransomware hacking collective called WorldLeaks, which has gained a reputation for extorting private and public entities by threatening to disclose confidential files on the internet, has claimed responsibility.
The group first announced the breach on March 20. City and LAPD officials did not comment on whether the hackers requested a ransom in return for not releasing the information — or whether the city paid one. Some reports suggest that the group was behind a hack of L.A. Metro last month that forced it to shut down part of its transit network.
The Times spoke with several sources familiar with the investigation into the data breach who requested anonymity because they were not authorized to discuss the case publicly, and reviewed a partial inventory of the leaked files, including screenshots of some materials.
Here’s what we know so far.
How did hackers get the LAPD files?
The hacking group appears to have exploited vulnerabilities in a system used by the Los Angeles city attorney’s office, enabling the group to make off with nearly 340,000 files, according to the sources familiar with the case.
In the wake of the George Floyd protests, the sources said, the city was flooded with dozens of lawsuits from protesters who had been injured by LAPD officers. To handle the deluge of new cases, the city created a file-sharing system so that attorneys on both sides could access discovery materials, including some considered private under court orders.
It was akin to Dropbox or Google Drive, the sources said, and access was supposed to be restricted to just authorized users.
But the system, according to two sources familiar with the investigation, was not password-protected because city officials believed that it needed to be accessible to other parties, including outside attorneys hired to assist with civil litigation.
The sources said the system expanded far beyond its initial scope and came to include records from hundreds of lawsuits involving the LAPD.
In a statement issued to The Times on Wednesday, Ivor Pine, a spokesperson for the city attorney’s office, described the hack as “unauthorized access to a third-party tool used by the City Attorney’s Office to transfer discovery to opposing counsel and litigants.”
How did the LAPD and city officials find out?
Few inside the LAPD knew about the extent of the leak until The Times published a story Tuesday revealing files that appeared online.
After the news broke on Tuesday, the department released a brief public statement acknowledging the disclosure of “discovery documents from previously adjudicated or settled LAPD civil litigation cases.” The department noted that the “breach does not involve any LAPD systems or networks.”
Pine said that once the city attorney’s office realized its file-sharing system was compromised, it “took immediate steps to secure the tool and investigate what information was accessed.”
“No other City applications or systems were involved in this incident,” Pine said. “The information was self contained in this application without any links or access to any department records or systems.”
What are the consequences of the massive leak?
The data breach could have political ramifications for embattled City Atty. Hydee Feldstein Soto, who is up for reelection.
Last week, she earned the endorsement of the powerful Los Angeles Police Protective League, which represents rank-and-file LAPD officers. But union officials contend that Feldstein Soto failed to mention the leaked documents to them until they learned of the hack Tuesday evening.
On Wednesday, the union issued a scathing statement.
“To say we are disappointed by the lack of urgency and forthrightness from the City Attorney’s office is an understatement,” the union’s statement said. “We will keep asking the tough questions and once we receive answers we will take appropriate action.”
Feldstein Soto’s challenger in the city attorney’s race, John McKinney, said the public deserves immediate answers.
“The lack of transparency isn’t just concerning, it’s unacceptable,” said McKinney, who currently leads the major crimes bureau at the L.A. County district attorney’s office. “By keeping the public in the dark, witnesses and Los Angeles Police Department families may have been put at risk.”
Lawyers for police officers reported numerous calls from clients worried their personnel and medical records were exposed, raising the prospect of more costly litigation. About 900 officers are currently suing the department over the 2023 release of mugshot-style images and other materials in response to a public records request.
In all, according to posts about the data breach, 7.7 terabytes of information was available for download.
The LAPD statement described the files in the recent hack as coming from closed cases, but at least one of the files reviewed by The Times involved a lawsuit over an alleged sexual assault by a police officer that was set for trial next week.
Also disclosed were personnel files from dozens of current and former officers. Every officer’s personnel records are contained within a system called TEAMS II.
It is a detailed history that includes records on arrests they have made, training sessions they have attended, citizen complaints received against them and lawsuits they have been involved in, along with any history of traffic collisions, shootings or other uses of force, commendations, assignments, workers’ compensation claims and more.
Such records can be turned over as discovery in civil cases, but almost always under a protective order that restricts them from being shared publicly.
An untold number of internet users have downloaded the terabytes of data in the weeks since its release. What surfaces next remains to be seen.
