LAPD Data Breach Exposes Personal Information of 2,500 Officers & 17,500 Applicants
- An anonymous hacker claims to have access to personal data of thousands of LAPD officers and applicants.
- Based on provided sample data, the LAPD believes that someone had stolen personal records, soon to appear on the Dark Web for sale.
- The database is question has been properly secured in the meantime, and the LAPD is doing an investigation in an effort to find the person responsible.
LAPD (Los Angeles Police Department) personnel is currently facing a crisis, after a large number of individuals had their personal data stolen from an unprotected database. An unnamed individual contacted the Los Angeles Information Technology Agency last week, claiming to be in possession of personal information of both LAPD officers and applicants. More precisely, the stolen information reportedly relates to 2,500 officers and 17,500 applicants, with the department having started to alert potential victims over the past weekend.
The compromised data is said to include officer’s names, dates of birth, the last four digits of their social security numbers, as well as the email accounts and passwords they used when applying for the job. The unnamed individual who said to be in control of this data provided some evidence to their claims. Based on example files that were submitted, LAPD concluded that this data breach has the potential to include highly personal data.
Another unknown fact is how this data breach happened, in the first place. The hacker who claims to have the stolen data said that they had “received it through external sources”. This could mean that the person in question obtained access to the Personnel Department’s Candidate Applicant Program. What this means is that we’re probably talking about a malicious hacking attempt rather than the data being supplied by an insider, such as a former employee or rogue employee. What we do know is that this data breach isn’t a ransomware attack. Instead, the data in question will most probably appear on the Dark Web for sale soon.
In a written statement for the Los Angeles Times, a spokesperson for Mayor Eric Garcetti said that the data breach involves 'limited information' from a database that is no longer in use. Nonetheless, the database has now been properly secured and the city is conducting an internal investigation. The LAPD’s Computer Crimes Unit has also joined to maximize the effort of finding the culprit.
Finally, we’d like to remind you of a growing trend of widescale data breaches. Earlier today, we learned about a massive Capital One breach, affective 106 million individuals. And in the previous few weeks, the same happened to the National Australia Bank, Marriott International, and Symantec. All of those events should serve as a warning, reminding you to secure your data, change your passwords often, and do everything you can to safeguard your private information.
What are your thoughts on the data breach reported by the LAPD? Make sure to let us know in the comments section below, and don’t forget to follow us via our social media profiles, on Facebook and Twitter. Thanks!