The Los Angeles Police Department has suffered a data breach that has reportedly exposed the names, email addresses, passwords, and birth dates for police officers and applicants.
According to local media reports, the personal information for 2,500 LAPD officers and approximately 17,500 police officer applicants were exposed during a data breach that was discovered on July 25th 2019.
According to sources familiar with the matter, not all of the applicants had made it past the application stage.
In a statement to BleepingComputer, the LAPD confirmed the data breach and said that they are working with city partners to determine the scope of the breach. For those officers and applicants who have been affected, the City has notified them and will continue to provide updates as they become available.
"The Los Angeles Police Department is working with our city partners to better understand the extent and impact of this data breach. We are also taking steps to ensure the Department’s data is protected from any further intrusions. The employees and individuals who may have been affected by this incident have been notified and we will continue to update them as we progress through this investigation. Data security is paramount at the Los Angeles Police Department and we are committed to protecting the privacy of anyone who is associated with our agency.”
In a statement released today by the Office of Mayor Eric Garcetti, the breach occurred in a old database that was no longer being used by the "Personnel Department" and exposed "limited information".
"We are investigating a data event that was discovered on July 25, and involved limited information about City of Los Angeles job applicants in a database that is no longer used by the Personnel Department. We take the protection of personal data very seriously, and the City has informed the individuals who may have been affected. The City’s Information Technology Agency has added additional layers of security to guard against future events of this kind"
It is not known how this data breach occurred, if data was found being sold on the dark web, and how long unauthorized access may have had access.
The labor union for the Los Angeles Police Department (LAPD) stated on their Facebook page that this is a "serious security issue" and that they expect safeguards to be put in place so that this type of breach does not happen again in the future. They further expect that the City will provide needed resources to protect and help impacted offices in the event of identity theft.
Data breaches that contain the personal information for law enforcement offices are particular sensitive as it could put them at risk or leave them vulnerable to phishing attacks that could produce even more sensitive information.
Post a Comment Community Rules
You need to login in order to post a comment
Not a member yet? Register Now