Cyber Incident Victim: Los Angeles Police Department
Date:
Mar 2026
Location:
United States of America
Summary
The Los Angeles Police Department reported that unauthorized individuals accessed a storage system used by the L.A. city attorney’s office that held discovery documents from previously settled or adjudicated civil litigation involving the department. The breach exposed sensitive records such as officer personnel files, Internal Affairs investigations, witness names, health information, unredacted criminal complaints and investigative files, amounting to roughly 7.7 terabytes and more than 337,000 files. Some of the material appeared on social media platforms, including a post by the account @WhosTheCop, before being removed. City and department officials did not comment on whether the attackers demanded a ransom or if any payment was made.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The breach was first identified last month when unauthorized individuals gained access to a storage system used by the Los Angeles city attorney’s office that contained discovery documents from previously adjudicated or settled Los Angeles Police Department civil litigation. The Los Angeles Police Department issued a statement saying they take the incident seriously and are working with the LA City Attorney’s Office to access the impacted files to understand the full scope of the data breach. A security researcher initially disclosed the breach, and the account @WhosTheCop on X was among the first to share a file from the suspected hack. By Tuesday afternoon the files that had been posted appeared to have been taken down.

According to posts about the data breach, the compromised trove amounted to approximately 7.7 terabytes of information and included more than 337,000 individual files. The materials consisted of sensitive records such as officer personnel files, Internal Affairs investigation documents, witness names, health information, unredacted criminal complaints, and investigative files turned over during discovery in court cases. Under California state law most police officer records are considered private, and the article notes that if authentic the disclosure represents a stunning breach of police data, given that Internal Affairs documents rarely surface in legal proceedings and are usually heavily redacted.
The Los Angeles Police Department and city officials have not commented on whether the hackers demanded a ransom or whether any payment was made. The department continues to collaborate with the LA City Attorney’s Office to assess the extent of the exposure. The appearance of the records on social media platforms has raised concerns about the privacy of individuals involved in the disclosed documents.
