A significant cybersecurity incident has compromised a massive cache of internal documents related to the Los Angeles Police Department, exposing millions of sensitive records to the open web. The breach, which involves approximately 7.7 terabytes of data, includes more than 337,000 files ranging from officer personnel folders to unredacted criminal complaints.
The Scope of the Exposure
The leaked data is exceptionally sensitive, containing information that is typically shielded from public view under California law. Among the compromised files are internal affairs investigations and discovery documents that reveal witness names, personal contact details, and private medical data.
The Los Angeles Times first reported the scale of the leak, noting that such a comprehensive release of protected police records is almost unprecedented.
A Vulnerability in Third-Party Systems
While the data belongs to the police department, the LAPD clarified in a public statement that its primary internal networks remain secure. Instead, the hackers targeted a digital storage tool managed by the Los Angeles City Attorney’s Office.
Ivor Pine, a spokesperson for the City Attorney, confirmed that the breach originated in a third-party application. While the information was contained within that specific app and did not provide a gateway into broader city systems, the volume of data stored there was enough to create a massive privacy crisis.
Behind the Attack: World Leaks
Emma Best, co-founder of the transparency collective Distributed Denial of Secrets, identified the extortion group World Leaks as the entity behind the theft. Cybersecurity researchers at Halcyon believe World Leaks is a rebrand of the notorious “Hunters International” gang, which has a history of targeting Fortune 500 companies and healthcare providers.
The group briefly hosted the stolen files on its leak site—a common tactic used to pressure victims into paying a ransom—before removing the listing. It remains unclear if a negotiation is underway or if the data was moved to a different platform.
Ongoing Response
The LAPD and the City Attorney’s Office are currently reviewing the compromised files to determine the full impact on officers and civilians. Security experts warn that the exposure of witness names and unredacted complaints poses a direct risk to ongoing legal proceedings and individual safety.
