The Los Angeles Police Department (LAPD) suffered a data breach that exposed the names, email addresses, passwords, and birth dates for thousands of police officers and applicants.
The NBCLosAngeles confirmed that the data breach was discovered on July 20, 2019, the local media revealed that personal information for 2,500 LAPD officers and approximately 17,500 police officer applicants were exposed.
“A suspected hacker claimed he or she had stolen the personal information of about 2,500 LAPD officers, trainees, and recruits, along with approximately 17,500 police officer applicants, in what may be a large breach of data held by the city of Los Angeles’ Personnel Department.” reported the media.
“The city’s Information Technology Agency said it was contacted last week by someone who claimed to have accessed and downloaded the data, and the person offered some example files to show they actually had obtained the data, said agency General Manager Ted Ross.”
“Out of an abundance of caution we’re applying extra layers of security around our personnel system and enhancing defenses,” Ross told NBCLA Monday.
The City already notified impacted officers and applicants, currently, the LAPD is investigating the scope of the breach with City partners. LAPD will continue to update impacted people while investigating the incident.
LAPD is also implementing additional measures to protect the Department’s data from any further intrusions.
“Data security is paramount at the Los Angeles Police Department, and we are committed to protecting the privacy of anyone who is associated with our agency,” an LAPD spokesman said.
The officers’ union, the Los Angeles Police Protective League, defined the incident as a serious security issue.
“We also call upon the city to provide the necessary resources and assistance to any impacted officer who may become the victim of identity theft as a result of this negligence, so that they may restore their credit and/or financial standing,” the Protective League said.
The Office of Mayor Eric Garcetti revealed that the breach occurred in a legacy database that was no longer being used by the “Personnel Department” and exposed “limited information”.
“We take the protection of personal data very seriously, and the City has informed the individuals who may have been affected,” the spokesman for Mayor Eric Garcetti said. “The City’s Information Technology Agency has added additional layers of security to guard against future events of this kind.”
Any data breach that exposes personal information belonging to law enforcement is very dangerous, such events expose officers to identity theft, phishing attacks, and other malicious activities.
(SecurityAffairs – LAPD, data breach)